CVE-2023-1263
The CMP – Coming Soon & Maintenance plugin for WordPress is vulnerable to Information Exposure in versions up to, and including, 4.1.6 via the cmp_get_post_detail function. This can allow unauthenticated individuals to obtain the contents of any non-password-protected, published post or page even when maintenance mode is enabled.
We have discovered 1,416 live websites that are affected by CVE-2023-1263.
Affected Software
| Product |  Cmp Coming Soon Maintenance |
| Category | Wordpress Plugins |
| Vulnerable Domains | 1,416 live websites (17% of Cmp Coming Soon Maintenance install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 71 versions ( 88% of all versions) |
Details
- Published - Mar 7, 2023
- Updated - Jan 13, 2025
Credits
- Marco Wotschka (finder)
CVE References
Website Distribution by Country
Number of websites using CVE-2023-1263 United States | 223 websites |
 Germany | 302 websites |
 Italy | 125 websites |
 GB | 86 websites |
 France | 83 websites |
 Netherlands | 54 websites |
 Spain | 46 websites |
 Switzerland | 31 websites |
 Denmark | 31 websites |
 Austria | 30 websites |
Website Distribution by TLD
Number of websites using CVE-2023-1263| .com | 491 websites |
| .de | 168 websites |
| .it | 92 websites |
| .nl | 49 websites |
| .co.uk | 49 websites |
| .org | 30 websites |
| .net | 29 websites |
| .es | 29 websites |
| .fr | 28 websites |
| .at | 27 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2023-1263
Top websites that are affected by CVE-2023-1263. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| *********.org | France | ***,*** | |
| ******.com | United States | ***,*** | |
| ******.org | Italy | *,***,*** | |
| *****.at | Austria | *,***,*** | |
| *********.hr |  Croatia | *,***,*** | |
| ****************.net | GB | *,***,*** | |
| *******.at | France | *,***,*** | |
| ******************.com | United States | *,***,*** | |
| *************.com | United States | *,***,*** | |
| *************.pl |  Poland | *,***,*** |
FAQ
A total of 1,416 websites have been identified as vulnerable to CVE-2023-1263, based on global website indexing conducted by WebTechSurvey.
The Cmp Coming Soon Maintenance is affected by the CVE-2023-1263 vulnerability.
Cmp Coming Soon Maintenance versions up to and including 4.1.6 are vulnerable to CVE-2023-1263.