CVE-2022-0188
Coming Soon & Maintenance Plugin by NiteoThemes < 4.0.19 - Unauthenticated Arbitrary CSS UpdateThe CMP WordPress plugin before 4.0.19 allows any user, even not logged in, to arbitrarily change the coming soon page layout.
We have discovered 752 live websites that are affected by CVE-2022-0188.
Affected Software
| Product |  Cmp Coming Soon Maintenance |
| Category | Wordpress Plugins |
| Vulnerable Domains | 752 live websites (9.06% of Cmp Coming Soon Maintenance install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 62 versions ( 77% of all versions) |
Common Weakness Enumeration
CWE-306 Missing Authentication for Critical FunctionDetails
- Published - Feb 14, 2022
- Updated - Aug 2, 2024
Credits
- Krzysztof Zając (finder)
- WPScan (coordinator)
CVE References
CWE References
CWE
Website Distribution by Country
Number of websites using CVE-2022-0188 United States | 112 websites |
 Germany | 160 websites |
 Italy | 77 websites |
 France | 48 websites |
 GB | 47 websites |
 Netherlands | 26 websites |
 Spain | 21 websites |
 Denmark | 19 websites |
 Poland | 17 websites |
 South Africa | 13 websites |
Website Distribution by TLD
Number of websites using CVE-2022-0188| .com | 261 websites |
| .de | 93 websites |
| .it | 59 websites |
| .co.uk | 32 websites |
| .nl | 23 websites |
| .net | 16 websites |
| .fr | 14 websites |
| .at | 13 websites |
| .pl | 13 websites |
| .be | 11 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2022-0188
Top websites that are affected by CVE-2022-0188. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| *********.org | France | ***,*** | |
| *****.at |  Austria | *,***,*** | |
| ****************.net | GB | *,***,*** | |
| ******************.com | United States | *,***,*** | |
| ******.com | United States | *,***,*** | |
| ************************.org | France | *,***,*** | |
| **************.de | Germany | *,***,*** | |
| ************.net | Germany | *,***,*** | |
| *****.es | Spain | *,***,*** | |
| ************.ru |  Russia | *,***,*** |
FAQ
CVE-2022-0188 is Missing Authentication for Critical Function in Cmp Coming Soon Maintenance
A total of 752 websites have been identified as vulnerable to CVE-2022-0188, based on global website indexing conducted by WebTechSurvey.
The Cmp Coming Soon Maintenance is affected by the CVE-2022-0188 vulnerability.
Cmp Coming Soon Maintenance versions up to 4.0.19 are vulnerable to CVE-2022-0188.
CVE-2022-0188 is resolved in version 4.0.19 of Cmp Coming Soon Maintenance.