CMP – Coming Soon & Maintenance Plugin by NiteoThemes Security & Risk Analysis
wordpress.org/plugins/cmp-coming-soon-maintenanceBeautiful Coming soon, Maintenance or Landing page on your website, packed with premium features for free.
Is CMP – Coming Soon & Maintenance Plugin by NiteoThemes Safe to Use in 2026?
Generally Safe
Score 91/100CMP – Coming Soon & Maintenance Plugin by NiteoThemes has a strong security track record. Known vulnerabilities have been patched promptly.
The "cmp-coming-soon-maintenance" v4.1.16 plugin presents a mixed security posture. On the positive side, the static analysis indicates a good effort in implementing security checks, with all AJAX handlers and REST API routes appearing to have authorization checks, and a high percentage of output escaping. The presence of numerous nonce and capability checks also suggests a developer mindful of WordPress security best practices. However, significant concerns arise from the analysis of SQL queries and taint flows. The complete lack of prepared statements for all three SQL queries is a major red flag, potentially exposing the site to SQL injection vulnerabilities. Furthermore, 13 flows with unsanitized paths detected in the taint analysis, despite no reported critical or high severity issues, suggest a potential for path traversal or file inclusion vulnerabilities that may not have been fully exposed or exploited in the analyzed context. The plugin's vulnerability history is also a significant concern. With a total of 6 known CVEs, including 2 high severity and 4 medium severity vulnerabilities, even though none are currently unpatched, it points to a history of security weaknesses. The common vulnerability types like Unrestricted Upload, SSRF, Improper Access Control, and Missing Authorization indicate recurring issues that require careful monitoring. While the current version appears to have addressed past CVEs and has a protected attack surface, the inherent risks from the SQL query practices and taint flow results, combined with its past vulnerability record, necessitate a cautious approach. The bundling of Select2 also warrants a check for its version and any known vulnerabilities.
Key Concerns
- All SQL queries lack prepared statements
- 13 taint flows with unsanitized paths
- History of 6 known CVEs (2 high, 4 medium)
- Bundled library: Select2
CMP – Coming Soon & Maintenance Plugin by NiteoThemes Security Vulnerabilities
CVEs by Year
Severity Breakdown
6 total CVEs
CMP – Coming Soon & Maintenance <= 4.1.13 - Authenticated (Admin+) Arbitrary File Upload
CMP – Coming Soon & Maintenance <= 4.1.10 - Authenticated (Admin+) Server-Side Request Forgery
CMP – Coming Soon & Maintenance <= 4.1.7 - Maintenance Mode Bypass
CMP – Coming Soon & Maintenance Plugin by NiteoThemes <= 4.1.6 - Information Exposure
CMP - Coming Soon & Maintenance Plugin <= 4.0.18 - Unauthenticated Arbitrary CSS Update
CMP <= 3.8.1 - Missing Authorization
CMP – Coming Soon & Maintenance Plugin by NiteoThemes Code Analysis
Bundled Libraries
SQL Query Safety
Output Escaping
Data Flow Analysis
CMP – Coming Soon & Maintenance Plugin by NiteoThemes Attack Surface
AJAX Handlers 16
WordPress Hooks 22
Maintenance & Trust
CMP – Coming Soon & Maintenance Plugin by NiteoThemes Maintenance & Trust
Maintenance Signals
Community Trust
CMP – Coming Soon & Maintenance Plugin by NiteoThemes Alternatives
Perfect Coming Soon Page
perfect-coming-soon-page
Perfect Coming Soon page enables you to use a light weighted plugin for multiple needs of coming soon,underconstruction or offline mode.
Coming Soon Master
coming-soon-master
Coming Soon Master plugin is modern and responsive coming soon, under construction & maintenance plugin to manage your website while it's und …
Coming Soon Counter Page / Maintenance Mode – Lacoming Soon
coming-soon-counter-page-maintenance-mode-lacoming-soon
Lasoon is a creative and professional coming soon WordPress Plugin built with the Bootstrap.
Coming Soon & Maintenance Mode Page & Under Construction
nifty-coming-soon-and-under-construction-page
Nifty Coming Soon & Maintenance Page creates awesome Coming Soon & Maintenance Pages.
Coming Soon Page & Maintenance Mode
responsive-coming-soon
Coming Soon Plugin and Maintenance Mode plugin with Launch page & site offline plugin for your Website while it's under construction.
CMP – Coming Soon & Maintenance Plugin by NiteoThemes Developer Profile
9 plugins · 221K total installs
How We Detect CMP – Coming Soon & Maintenance Plugin by NiteoThemes
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/cmp-coming-soon-maintenance/assets/css/coming-soon.css/wp-content/plugins/cmp-coming-soon-maintenance/assets/css/coming-soon-responsive.css/wp-content/plugins/cmp-coming-soon-maintenance/assets/css/animate.min.css/wp-content/plugins/cmp-coming-soon-maintenance/assets/css/magnific-popup.css/wp-content/plugins/cmp-coming-soon-maintenance/assets/css/owl.carousel.min.css/wp-content/plugins/cmp-coming-soon-maintenance/assets/css/owl.theme.default.min.css/wp-content/plugins/cmp-coming-soon-maintenance/assets/css/owl.transitions.css/wp-content/plugins/cmp-coming-soon-maintenance/assets/css/colorpicker.css+10 moreCMP Coming Soon & Maintenance by NiteoThemes/wp-content/plugins/cmp-coming-soon-maintenance/assets/js/coming-soon.js/wp-content/plugins/cmp-coming-soon-maintenance/assets/js/colorpicker.js/wp-content/plugins/cmp-coming-soon-maintenance/assets/js/jquery.plugin.min.js/wp-content/plugins/cmp-coming-soon-maintenance/assets/js/jquery.countdown.min.js/wp-content/plugins/cmp-coming-soon-maintenance/assets/js/jquery.magnific-popup.min.js/wp-content/plugins/cmp-coming-soon-maintenance/assets/js/owl.carousel.min.js+4 morecmp-coming-soon-maintenance/assets/css/coming-soon.css?ver=cmp-coming-soon-maintenance/assets/css/coming-soon-responsive.css?ver=cmp-coming-soon-maintenance/assets/css/animate.min.css?ver=cmp-coming-soon-maintenance/assets/css/magnific-popup.css?ver=cmp-coming-soon-maintenance/assets/css/owl.carousel.min.css?ver=cmp-coming-soon-maintenance/assets/css/owl.theme.default.min.css?ver=cmp-coming-soon-maintenance/assets/css/owl.transitions.css?ver=cmp-coming-soon-maintenance/assets/css/colorpicker.css?ver=cmp-coming-soon-maintenance/assets/js/coming-soon.js?ver=cmp-coming-soon-maintenance/assets/js/colorpicker.js?ver=cmp-coming-soon-maintenance/assets/js/jquery.plugin.min.js?ver=cmp-coming-soon-maintenance/assets/js/jquery.countdown.min.js?ver=cmp-coming-soon-maintenance/assets/js/jquery.magnific-popup.min.js?ver=cmp-coming-soon-maintenance/assets/js/owl.carousel.min.js?ver=cmp-coming-soon-maintenance/assets/js/wow.min.js?ver=cmp-coming-soon-maintenance/assets/js/waypoints.min.js?ver=cmp-coming-soon-maintenance/assets/js/particles.min.js?ver=cmp-coming-soon-maintenance/assets/js/scripts.js?ver=HTML / DOM Fingerprints
cmp-coming-soon-pageniteo-coming-soon-wrapcmp-coming-soon-contentniteo-coming-soon-titlecmp-coming-soon-subscribe-formcmp-coming-soon-social-iconsniteo-coming-soon-countdown<!-- CMP Coming Soon & Maintenance by NiteoThemes --><!-- Countdown Timer --><!-- Social Icons --><!-- Subscribe Form -->+9 moredata-wow-delaydata-wow-durationdata-particlesdata-particle-colordata-particle-shape-typedata-particle-shape-polygon-sides+11 morewowparticlesJScountdown