Does Maintenance Notice have any unpatched vulnerabilities?

No. All known vulnerabilities in Maintenance Notice have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Maintenance Notice compatible with WordPress 6.7.5?

According to WordPress.org data, Maintenance Notice 1.0.7 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is Maintenance Notice compatible with PHP 7.2+?

Maintenance Notice requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Maintenance Notice updated?

Maintenance Notice was last updated on Mar 21, 2025. Frequent updates are generally a positive security signal.

What is Maintenance Notice's security score?

Maintenance Notice has a WP-Safety security score of 91/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Maintenance Notice Security & Risk Analysis

wordpress.org/plugins/maintenance-notice

Maintenance Notice plugin shows the maintenance information while performing updates on themes and plugins or fixing minor bugs on your website.

700 active installs v1.0.7 PHP 7.2+ WP 5.0+ Updated Mar 21, 2025

coming-sooncoming-soon-pagemaintenance-modeunavailableunder-construction

A · Safe

CVEs total1

Unpatched0

Last CVEMar 11, 2025

Plugin page Download

Safety Verdict

Is Maintenance Notice Safe to Use in 2026?

Generally Safe

Score 91/100

Maintenance Notice has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Mar 11, 2025Updated 1yr ago

Risk Assessment

The "maintenance-notice" plugin v1.0.7 demonstrates a generally good security posture, with strong adherence to best practices in several key areas. The code analysis reveals a minimal attack surface with only one AJAX handler, and critically, this handler is protected with an 8-point nonce check, indicating a robust defense against Cross-Site Request Forgery (CSRF) attacks. Furthermore, the plugin excels in output escaping, with 99% of its 373 outputs properly handled, and all SQL queries utilize prepared statements, mitigating SQL injection risks. The absence of file operations, external HTTP requests, and taint flows with unsanitized paths further contributes to its strong security. However, the plugin has a known vulnerability history, with one medium-severity CVE recorded, although it is currently patched. The fact that the last vulnerability was a CSRF and the common vulnerability type is also CSRF suggests a recurring area of concern that, while addressed in the code analysis, warrants continued vigilance in future updates. The lack of capability checks on the single AJAX entry point, while mitigated by nonce checks, is a minor oversight that could be improved by adding role-based access control.

Key Concerns

Medium severity CVE in history
Lack of capability checks on AJAX handler

Vulnerabilities

Maintenance Notice Security Vulnerabilities

CVEs by Year

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2025-28859medium · 4.3Cross-Site Request Forgery (CSRF)

Maintenance Notice <= 1.0.6 - Cross-Site Request Forgery

Mar 11, 2025 Patched in 1.0.7 (15d)

Code Analysis

Analyzed Mar 16, 2026

Maintenance Notice Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

371 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

99% escaped373 total outputs

Data Flows

All sanitized

Data Flow Analysis

5 flows

<additional-settings> (admin\partials\additional-settings.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Maintenance Notice Attack Surface

Entry Points1

Unprotected0

AJAX Handlers 1

authwp_ajax_cvmn_get_font_variantadmin\class-maintenance-notice-admin.php:56

WordPress Hooks 19

actionadmin_menuadmin\class-maintenance-notice-admin.php:54

actionadmin_enqueue_scriptsadmin\class-maintenance-notice-admin.php:55

actiontemplate_includeincludes\class-maintenance-notice.php:87

actionwp_enqueue_scriptsincludes\class-maintenance-notice.php:88

actionwp_enqueue_scriptsincludes\dynamic-styles.php:42

actioncvmn_frontend_header_sectionincludes\hooks\section-hooks.php:38

actioncvmn_frontend_main_content_sectionincludes\hooks\section-hooks.php:275

actioncvmn_frontend_main_content_sectionincludes\hooks\section-hooks.php:276

actioncvmn_frontend_main_content_sectionincludes\hooks\section-hooks.php:277

actioncvmn_frontend_main_content_sectionincludes\hooks\section-hooks.php:278

actioncvmn_frontend_main_content_sectionincludes\hooks\section-hooks.php:279

actioncvmn_frontend_main_content_sectionincludes\hooks\section-hooks.php:280

actioncvmn_frontend_main_content_sectionincludes\hooks\section-hooks.php:281

actioncvmn_frontend_main_content_sectionincludes\hooks\section-hooks.php:282

actioncvmn_frontend_main_content_sectionincludes\hooks\section-hooks.php:283

actioncvmn_frontend_main_content_sectionincludes\hooks\section-hooks.php:284

actioncvmn_frontend_main_content_sectionincludes\hooks\section-hooks.php:285

actioncvmn_frontend_content_postfixincludes\hooks\section-hooks.php:309

actionplugins_loadedmaintenance-notice.php:69

Maintenance & Trust

Maintenance Notice Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedMar 21, 2025

PHP min version7.2

Downloads15K

Community Trust

Rating0/100

Number of ratings0

Active installs700

Alternatives

Maintenance Notice Alternatives

CMP – Coming Soon & Maintenance Plugin by NiteoThemes

cmp-coming-soon-maintenance

Beautiful Coming soon, Maintenance or Landing page on your website, packed with premium features for free.

200K 6 CVEs

Coming Soon Page & Maintenance Mode

responsive-coming-soon

Coming Soon Plugin and Maintenance Mode plugin with Launch page & site offline plugin for your Website while it's under construction.

3K 3 CVEs

WP Maintenance Mode & Site Under Construction

wp-maintenance-mode-site-under-construction

WP plugin for Under Construction, Maintenance Mode & Coming Soon Pages. Enable with one click & show a landing page to visitors easily.

3K 5 CVEs

Siteready Coming Soon Under Construction

siteready-coming-soon-under-construction

100

Create stunning Coming Soon or Maintenance pages fast! Hide your site, add countdowns & forms, and keep SEO intact while you prepare to launch.

2K No CVEs

Simple Maintenance

simple-maintenance

Display a simple maintenance mode page while your site is undergoing scheduled maintenance

1K No CVEs

Developer Profile

Maintenance Notice Developer Profile

CodeVibrant

16 plugins · 20K total installs

trust score

Avg Security Score

98/100

Avg Patch Time

9 days

View full developer profile

Detection Fingerprints

How We Detect Maintenance Notice

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/maintenance-notice/assets/library/font-awesome/css/all.min.css/wp-content/plugins/maintenance-notice/css/admin.css/wp-content/plugins/maintenance-notice/assets/cvmn-icons/style.css

Script Paths

/wp-content/plugins/maintenance-notice/js/admin.js

Version Parameters

maintenance-notice/css/admin.css?ver=maintenance-notice/assets/cvmn-icons/style.css?ver=

HTML / DOM Fingerprints

CSS Classes

cvmn-icon

JS Globals

MaintenanceNoticeObject

FAQ