[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fTM8BnKndetWehgjYaDDgNj6WmAozOCvF6FSKZgeLR9w":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":112,"crawl_stats":38,"alternatives":119,"analysis":209,"fingerprints":595},"wp-maintenance-mode","LightStart – Maintenance Mode, Coming Soon and Landing Page Builder","2.6.20","Themeisle","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemeisle\u002F","\u003Cp>Add a maintenance page to your blog that lets visitors know your blog is down for maintenance, add a coming soon page for a new website or create a landing page for an existing site. User with admin rights gets full access to the blog including the front end.\u003C\u002Fp>\n\u003Cp>Activate the plugin and your blog is in maintenance-mode, works and only registered users with enough rights can see the front end. You can use a date with a countdown timer for visitor information or set a value and unit for information.\u003C\u002Fp>\n\u003Cp>Also works with WordPress Multisite installs (each blog from the network has its own maintenance settings).\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Fully customizable (change colors, texts and backgrounds).\u003C\u002Fli>\n\u003Cli>Subscription form (export emails to .csv file).\u003C\u002Fli>\n\u003Cli>Countdown timer (remaining time).\u003C\u002Fli>\n\u003Cli>Contact form (receive emails from visitors).\u003C\u002Fli>\n\u003Cli>Coming soon page;\u003C\u002Fli>\n\u003Cli>Landing page templates;\u003C\u002Fli>\n\u003Cli>WordPress multisite;\u003C\u002Fli>\n\u003Cli>Responsive design;\u003C\u002Fli>\n\u003Cli>Social media icons;\u003C\u002Fli>\n\u003Cli>Works with any WordPress theme;\u003C\u002Fli>\n\u003Cli>SEO options;\u003C\u002Fli>\n\u003Cli>Exclude URLs from maintenance;\u003C\u002Fli>\n\u003Cli>Bot functionality to collect the emails in a friendly and efficient way;\u003C\u002Fli>\n\u003Cli>GDPR Ready;\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Bugs, technical hints or contribute\u003C\u002Fh4>\n\u003Cp>Please give us feedback, contribute and file technical bugs on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fandrianvaleanu\u002FWP-Maintenance-Mode\" rel=\"nofollow ugc\">GitHub Repo\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cp>Developed by \u003Ca href=\"https:\u002F\u002Fthemeisle.com\" rel=\"nofollow ugc\">Themeisle\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>What’s Next\u003C\u002Fh4>\n\u003Cp>If you like this plugin, then consider checking out our other projects:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Foptimole.com\u002F\" rel=\"nofollow ugc\">Optimole\u003C\u002Fa> – Optimole is your all-in-one image optimization solution for WordPress & beyond.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpshout.com\u002F\" rel=\"nofollow ugc\">WPShout\u003C\u002Fa> – In-Depth WordPress Tutorials for Developers\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Frevive.social\u002F\" rel=\"nofollow ugc\">Revive Social\u003C\u002Fa> – Revive Old Posts helps you keep your content alive and in front the audiences that matter.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.codeinwp.com\u002F\" rel=\"nofollow ugc\">CodeinWP\u003C\u002Fa> – CodeinWP stands for all-things-WordPress. From web design to freelancing and from development to business, your questions are covered.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdomainwheel.com\" rel=\"nofollow ugc\">DomainWheel\u003C\u002Fa> – Free Short Website name generator, with the help of AI, for instant ideas.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Check-out \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fblog\u002F\" title=\"Themeisle blog\" rel=\"nofollow ugc\">our blog\u003C\u002Fa> to learn from our \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fblog\u002Fcategory\u002Fwordpress\u002Freviews\u002F\" title=\"WordPress Reviews\" rel=\"nofollow ugc\">WordPress Reviews\u003C\u002Fa> and see other \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fblog\u002Fcategory\u002Fwordpress-plugins\u002F\" title=\"WordPress Plugins Comparisons\" rel=\"nofollow ugc\">WordPress plugins\u003C\u002Fa>.\u003C\u002Fp>\n","Easy Drag & Drop Page Builder that adds a splash page to your site that it's perfect for a coming soon page, maintenance or landing page.",500000,19310486,86,859,"2025-12-10T19:23:00.000Z","6.9.4","4.7","7.1",[20,21,22,23,24],"admin","administration","coming-soon","maintenance-mode","unavailable","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-maintenance-mode.2.6.20.zip",96,6,0,"2024-01-05 00:00:00","2026-03-15T15:16:48.613Z",[33,49,65,80,91,100],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2023-7019","lightstart-maintenance-mode-coming-soon-and-landing-page-builder-missing-authorization","LightStart – Maintenance Mode, Coming Soon and Landing Page Builder \u003C= 2.6.8 - Missing Authorization","The LightStart – Maintenance Mode, Coming Soon and Landing Page Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the insert_template function in all versions up to, and including, 2.6.8. This makes it possible for authenticated attackers, with subscriber-level access and above, to change page designs.",null,"\u003C=2.6.8","2.6.9","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2024-07-29 21:37:13",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb57d3d1d-dcdb-4f11-82d8-183778baa075?source=api-prod",207,{"id":50,"url_slug":51,"title":52,"description":53,"plugin_slug":4,"theme_slug":38,"affected_versions":54,"patched_in_version":55,"severity":56,"cvss_score":57,"cvss_vector":58,"vuln_type":59,"published_date":60,"updated_date":61,"references":62,"days_to_patch":64},"CVE-2022-1576","wp-maintenance-mode-coming-soon-cross-site-request-forgery","WP Maintenance Mode & Coming Soon \u003C= 2.4.4 - Cross-Site Request Forgery","The WP Maintenance Mode & Coming Soon plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.4.4. This is due to missing nonce validation on the reset_plugin_settings, subscribers_empty_list, dismiss_notices, subscribers_export, add_subscriber, & send_contact functions. This makes it possible for unauthenticated attackers to perform a variety of actions such as emptying the subscribers list and resetting the plugin's settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.","\u003C=2.4.4","2.4.5","high",8.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Cross-Site Request Forgery (CSRF)","2022-06-20 00:00:00","2024-01-22 19:56:02",[63],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F840e9a50-ce53-4b9a-b6ae-c5016e11373b?source=api-prod",582,{"id":66,"url_slug":67,"title":68,"description":69,"plugin_slug":4,"theme_slug":38,"affected_versions":70,"patched_in_version":71,"severity":72,"cvss_score":73,"cvss_vector":74,"vuln_type":75,"published_date":76,"updated_date":61,"references":77,"days_to_patch":79},"CVE-2018-20156","wp-maintenance-mode-remote-code-execution","WP Maintenance Mode \u003C= 2.0.6 - Remote Code Execution","The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated \"site administrator\" users to execute arbitrary PHP code throughout a multisite network.","\u003C2.0.7","2.0.7","critical",9.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:C\u002FC:H\u002FI:H\u002FA:H","Improper Input Validation","2018-12-14 00:00:00",[78],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F2cf2201d-6da0-4f66-9135-c6b34ef7c65f?source=api-prod",1866,{"id":81,"url_slug":82,"title":83,"description":84,"plugin_slug":4,"theme_slug":38,"affected_versions":70,"patched_in_version":71,"severity":41,"cvss_score":85,"cvss_vector":86,"vuln_type":44,"published_date":87,"updated_date":61,"references":88,"days_to_patch":90},"CVE-2018-20155","wp-maintenance-mode-missing-authorization","WP Maintenance Mode \u003C= 2.0.6 - Missing Authorization","The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated subscriber users to bypass intended access restrictions on changes to plugin settings.",5.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:L","2016-07-06 00:00:00",[89],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F00d69e80-36fa-4b74-8138-56c0bf576e44?source=api-prod",2757,{"id":92,"url_slug":93,"title":94,"description":95,"plugin_slug":4,"theme_slug":38,"affected_versions":70,"patched_in_version":71,"severity":41,"cvss_score":42,"cvss_vector":96,"vuln_type":97,"published_date":87,"updated_date":61,"references":98,"days_to_patch":90},"CVE-2018-20154","wp-maintenance-mode-authenticated-information-disclosure","WP Maintenance Mode \u003C= 2.0.6 - Authenticated Information Disclosure","The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated users to discover all subscriber e-mail addresses.","CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:L\u002FI:N\u002FA:N","Exposure of Sensitive Information to an Unauthorized Actor",[99],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fe3de6969-a27c-40a1-87ff-ce09a702613c?source=api-prod",{"id":101,"url_slug":102,"title":103,"description":104,"plugin_slug":4,"theme_slug":38,"affected_versions":105,"patched_in_version":106,"severity":41,"cvss_score":85,"cvss_vector":107,"vuln_type":59,"published_date":108,"updated_date":61,"references":109,"days_to_patch":111},"CVE-2013-3250","wp-maintenance-mode-missing-authorization-checks-cross-site-request-forgery","WP Maintenance Mode \u003C= 1.8.7 - Missing Authorization Checks & Cross-Site Request Forgery","Cross-site request forgery (CSRF) vulnerability in the WP Maintenance Mode plugin before 1.8.8 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that modify this plugin's settings.","\u003C1.8.8","1.8.8","CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:L","2013-06-05 00:00:00",[110],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ff42dc6ab-4035-4e9e-b956-40395c7e309f?source=api-prod",3884,{"slug":113,"display_name":7,"profile_url":8,"plugin_count":114,"total_installs":115,"avg_security_score":27,"avg_patch_time_days":116,"trust_score":117,"computed_at":118},"themeisle",37,2245820,420,76,"2026-04-03T17:38:24.422Z",[120,137,153,170,187],{"slug":121,"name":122,"version":123,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":128,"downloaded":129,"rating":29,"num_ratings":29,"last_updated":130,"tested_up_to":131,"requires_at_least":132,"requires_php":25,"tags":133,"homepage":134,"download_link":135,"security_score":136,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"maintenance-mode-with-site-build-status","Maintenance Mode with Site Build Status","1.0.9","maxgarceau","https:\u002F\u002Fprofiles.wordpress.org\u002Fmaxgarceau\u002F","\u003Cp>This plugin adds a maintenance page to your website that ALSO tells your customers and visitors exactly what stage of progress your website is in.\u003Cbr \u002F>\nKeep your customers informed, build excitement for your website, and continue to communicate with your visitors at all times.\u003Cbr \u002F>\nPerfect for businesses, web designers, and those who want their maintenance page to be more than just another page.\u003C\u002Fp>\n\u003Cp>Features Include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Ability to add stages of construction for your website\u003C\u002Fli>\n\u003Cli>Ability to set stages to “Not Started”, “In Progress”, “Completed”, or “Waiting On Client”\u003C\u002Fli>\n\u003Cli>Customizable background\u003C\u002Fli>\n\u003Cli>Link to a temporary or current live site\u003C\u002Fli>\n\u003Cli>Ability to add custom logo\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Bugs or Suggestions\u003C\u002Fh3>\n\u003Cp>Please email bug reports or suggestions to plugins@redearthdesign.com.\u003C\u002Fp>\n\u003Ch3>Credits\u003C\u002Fh3>\n\u003Cp>Developed by Red Earth Design.\u003C\u002Fp>\n","Add a maintenance page to your website that ALSO tells your customers and visitors exactly what stage of progress your website is in.",10,1259,"2021-03-08T22:49:00.000Z","5.7.15","4.0",[20,21,22,23,24],"http:\u002F\u002Flive-maintenance-mode-with-site-build-status.pantheonsite.io\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmaintenance-mode-with-site-build-status.zip",85,{"slug":138,"name":139,"version":140,"author":141,"author_profile":142,"description":143,"short_description":10,"active_installs":128,"downloaded":144,"rating":145,"num_ratings":146,"last_updated":147,"tested_up_to":148,"requires_at_least":149,"requires_php":150,"tags":151,"homepage":25,"download_link":152,"security_score":136,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"under-construction-for-specific-pages","Under Construction page display for certain page is in under maintenance.","2.0.1","chiragjdsofttech","https:\u002F\u002Fprofiles.wordpress.org\u002Fchiragjdsofttech\u002F","\u003Cp>Add a maintenance page to your blog that lets visitors know your certain page is down for maintenance, add a coming soon page for a new website. User with admin rights gets full access to the blog including the front end.\u003C\u002Fp>\n\u003Cp>Activate the plugin and your blog is in maintenance-mode, works and only registered users with enough rights can see the front end.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Coming soon page;\u003C\u002Fli>\n\u003Cli>Set under construction mode for specific pages.\u003C\u002Fli>\n\u003Cli>WordPress multisite;\u003C\u002Fli>\n\u003Cli>Responsive design;\u003C\u002Fli>\n\u003Cli>Works with any WordPress theme;\u003C\u002Fli>\n\u003Cli>Exclude URLs from maintenance;\u003C\u002Fli>\n\u003Cli>GDPR Ready;\u003C\u002Fli>\n\u003C\u002Ful>\n",1023,100,3,"2024-01-04T11:14:00.000Z","6.4.8","3.5","5.6",[20,21,22,23,24],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Funder-construction-for-specific-pages.zip",{"slug":154,"name":155,"version":156,"author":157,"author_profile":158,"description":159,"short_description":160,"active_installs":29,"downloaded":161,"rating":29,"num_ratings":29,"last_updated":162,"tested_up_to":163,"requires_at_least":164,"requires_php":165,"tags":166,"homepage":168,"download_link":169,"security_score":136,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"simple-maintenance-4-wp","Simple Maintenance 4 wp","1.0.2","sadegh73","https:\u002F\u002Fprofiles.wordpress.org\u002Fsadegh73\u002F","\u003Cp>Display a simple maintenance mode page while your site is undergoing scheduled maintenance\u003C\u002Fp>\n\u003Cp>The plugin does not require any additional configuration or setup. All you need to do is activate it and maintenance mode will be automatically enabled. It is very lightweight yet powerful.\u003C\u002Fp>\n","Display a simple maintenance mode page while your site is undergoing scheduled maintenance The plugin does not require any additional configuration o …",975,"2018-02-18T00:02:00.000Z","4.9.29","3.0","5.5.12",[20,21,22,167,23],"maintenance","https:\u002F\u002Fgithub.com\u002Fsadegh73\u002FSimple-Maintenance-4-wordpress","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsimple-maintenance-4-wp.zip",{"slug":171,"name":172,"version":173,"author":174,"author_profile":175,"description":176,"short_description":177,"active_installs":178,"downloaded":179,"rating":145,"num_ratings":180,"last_updated":181,"tested_up_to":16,"requires_at_least":182,"requires_php":25,"tags":183,"homepage":185,"download_link":186,"security_score":145,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"slim-maintenance-mode","Slim Maintenance Mode","1.4.4","Johannes","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpdocde\u002F","\u003Cp>Slim Maintenance Mode is a lightweight solution for scheduled maintenance. Simply activate the plugin and only administrators can see the website.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>No extra settings, just activate it, do maintenance work, deactivate it.\u003C\u002Fli>\n\u003Cli>Alert message in the backend, when the plugin is active.\u003C\u002Fli>\n\u003Cli>Works with any theme.\u003C\u002Fli>\n\u003Cli>Support for the following cache plugins: Cachify, LiteSpeed Cache, Super Cache, WP Rocket, WP Fastest Cache and W3 Total Cache.\u003C\u002Fli>\n\u003Cli>Sends HTTP response status code \u003Ccode>503 Service Unavailable\u003C\u002Fcode>, especially relevant for search engines.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Bug reports and Contributions\u003C\u002Fh4>\n\u003Cp>Bug reports and other contributions are highly appreciated. Please open an issue in the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fslim-maintenance-mode\" rel=\"ugc\">support forum\u003C\u002Fa>.\u003C\u002Fp>\n","Simple and lightweight solution for scheduled maintenance. No settings page, just activate it and do your maintenance work stress-free.",10000,195488,60,"2025-11-12T10:12:00.000Z","4.6",[20,184,167,23,24],"cache","https:\u002F\u002Fwpdoc.de\u002Fplugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fslim-maintenance-mode.zip",{"slug":188,"name":189,"version":190,"author":191,"author_profile":192,"description":193,"short_description":194,"active_installs":195,"downloaded":196,"rating":29,"num_ratings":29,"last_updated":197,"tested_up_to":198,"requires_at_least":199,"requires_php":200,"tags":201,"homepage":204,"download_link":205,"security_score":206,"vuln_count":207,"unpatched_count":29,"last_vuln_date":208,"fetched_at":31},"maintenance-notice","Maintenance Notice","1.0.7","CodeVibrant","https:\u002F\u002Fprofiles.wordpress.org\u002Fcodevibrant\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fdemo.codevibrant.com\u002Fplugins\u002Fmaintenance-notice\u002F\" rel=\"nofollow ugc\">Demos\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fdocs.codevibrant.com\u002Fplugins\u002Fmaintenance-notice\u002F\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fmaintenance-notice-pro-coming-soon-under-construction-mode\u002F32438483\" rel=\"nofollow ugc\">Premium Version\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Maintenance Notice\u003C\u002Fstrong> is a WordPress plugin that allows you to put the maintenance notice on your website. It helps to inform the visitors that your site is in maintenance mode without showing the broken site to the users.\u003Cbr \u002F>\nAdditionally, it has the option to add a coming soon page for a new website with date and countdown timer settings. The maintenance notice will only be visible to the users who are not logged in. Other users can login and continue browsing your site. Fully customization options to add social media icons, colors, countdown timer, and many more.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Fully customizable ( change colors, texts, and backgrounds ).\u003C\u002Fli>\n\u003Cli>Countdown timer ( remaining time ).\u003C\u002Fli>\n\u003Cli>Login Form field.\u003C\u002Fli>\n\u003Cli>Coming soon page.\u003C\u002Fli>\n\u003Cli>WordPress multisite.\u003C\u002Fli>\n\u003Cli>Responsive design.\u003C\u002Fli>\n\u003Cli>Social media icons.\u003C\u002Fli>\n\u003Cli>Background Overlay.\u003C\u002Fli>\n\u003Cli>Background Types ( color, static image, video ).\u003C\u002Fli>\n\u003Cli>Works with any WordPress theme.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>What’s Next\u003C\u002Fh4>\n\u003Cp>Checkout out our other projects for WordPress\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fmysterythemes.com\u002Fthemes\u002F\" rel=\"nofollow ugc\">Mystery Themes\u003C\u002Fa> – has 30+ beautiful and elegant responsive WordPress Themes.\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fwpallresources.com\u002F\" rel=\"nofollow ugc\">WPAllresources\u003C\u002Fa> – A complete WordPress resource with a Collection of WordPress Themes by Well Renowned Authors.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Get free dedicated support from our developers.\u003C\u002Fp>\n","Maintenance Notice plugin shows the maintenance information while performing updates on themes and plugins or fixing minor bugs on your website.",700,15214,"2025-03-21T05:25:00.000Z","6.7.5","5.0","7.2",[22,202,23,24,203],"coming-soon-page","under-construction","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fmaintenance-notice\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmaintenance-notice.1.0.7.zip",91,1,"2025-03-11 00:00:00",{"attackSurface":210,"codeSignals":423,"taintFlows":498,"riskAssessment":569,"analyzedAt":594},{"hooks":211,"ajaxHandlers":359,"restRoutes":420,"shortcodes":421,"cronEvents":422,"entryPointCount":343,"unprotectedCount":207},[212,218,222,225,229,233,236,240,244,247,250,254,259,262,266,270,274,278,279,282,286,289,292,295,299,303,307,311,314,318,321,325,328,330,334,338,344,349,350,353,356],{"type":213,"name":214,"callback":215,"file":216,"line":217},"action","init","load_default_settings","includes\\classes\\wp-maintenance-mode-admin.php",27,{"type":213,"name":219,"callback":220,"file":216,"line":221},"admin_enqueue_scripts","enqueue_admin_styles",30,{"type":213,"name":219,"callback":223,"file":216,"line":224},"enqueue_admin_scripts",31,{"type":213,"name":226,"callback":227,"file":216,"line":228},"admin_menu","add_plugin_menu",34,{"type":213,"name":230,"callback":231,"file":216,"line":232},"admin_head","add_inline_global_style",35,{"type":213,"name":234,"callback":227,"file":216,"line":235},"network_admin_menu",36,{"type":213,"name":237,"callback":238,"file":216,"line":239},"admin_init","maybe_redirect",38,{"type":213,"name":241,"callback":242,"file":216,"line":243},"admin_notices","add_notices",49,{"type":213,"name":245,"callback":242,"file":216,"line":246},"network_admin_notices",52,{"type":213,"name":245,"callback":248,"file":216,"line":249},"save_plugin_settings_notice",53,{"type":213,"name":251,"callback":252,"file":216,"line":253},"admin_post_wpmm_save_settings","save_plugin_settings",70,{"type":255,"name":256,"callback":256,"priority":257,"file":216,"line":258},"filter","admin_footer_text",5,73,{"type":255,"name":260,"callback":261,"file":216,"line":117},"admin_body_class","add_wizard_classes",{"type":255,"name":263,"callback":264,"priority":128,"file":216,"line":265},"display_post_states","add_display_post_states",79,{"type":255,"name":267,"callback":268,"file":216,"line":269},"themeisle_sdk_blackfriday_data","add_black_friday_data",81,{"type":255,"name":271,"callback":272,"file":216,"line":273},"safe_style_css","add_safe_style_css",472,{"type":213,"name":214,"callback":275,"file":276,"line":277},"load_plugin_textdomain","includes\\classes\\wp-maintenance-mode.php",67,{"type":213,"name":214,"callback":214,"file":276,"line":253},{"type":213,"name":237,"callback":280,"file":276,"line":281},"check_update",77,{"type":255,"name":283,"callback":284,"file":276,"line":285},"theme_page_templates","add_maintenance_template",80,{"type":255,"name":287,"callback":288,"file":276,"line":269},"template_include","use_maintenance_template",{"type":213,"name":290,"callback":291,"file":276,"line":136},"wpmm_head","remember_style_fse",{"type":213,"name":293,"callback":294,"file":276,"line":13},"wpmm_footer","add_style_fse",{"type":213,"name":296,"callback":297,"file":276,"line":298},"otter_form_after_submit","otter_add_subscriber",98,{"type":255,"name":300,"callback":301,"file":276,"line":302},"wpo_purge_all_cache_on_update","__return_true",101,{"type":255,"name":304,"callback":305,"file":276,"line":306},"pre_option_page_on_front","closure",109,{"type":213,"name":214,"callback":308,"priority":309,"file":276,"line":310},"redirect",9,131,{"type":213,"name":290,"callback":312,"file":276,"line":313},"add_css_files",134,{"type":213,"name":290,"callback":315,"priority":316,"file":276,"line":317},"add_inline_css_style",11,135,{"type":213,"name":290,"callback":319,"file":276,"line":320},"add_google_analytics_code",138,{"type":213,"name":322,"callback":323,"file":276,"line":324},"wpmm_before_scripts","add_bot_extras",141,{"type":213,"name":293,"callback":326,"file":276,"line":327},"add_js_files",142,{"type":213,"name":214,"callback":305,"file":276,"line":329},145,{"type":255,"name":331,"callback":332,"priority":128,"file":276,"line":333},"wp_mail_content_type","wpmm_change_mail_content_type",1360,{"type":255,"name":335,"callback":336,"file":276,"line":337},"wp_mail_from_name","anonymous",1361,{"type":255,"name":339,"callback":340,"priority":341,"file":342,"line":343},"extra_plugin_headers","wpmm_add_extra_plugin_headers",99,"includes\\functions\\helpers.php",17,{"type":213,"name":345,"callback":346,"file":347,"line":348},"plugins_loaded","get_instance","wp-maintenance-mode.php",66,{"type":213,"name":345,"callback":346,"file":347,"line":258},{"type":255,"name":351,"callback":352,"file":347,"line":117},"themeisle_sdk_products","wpmm_load_sdk",{"type":255,"name":354,"callback":305,"file":347,"line":355},"wp_maintenance_mode_about_us_metadata",78,{"type":255,"name":357,"callback":305,"file":347,"line":358},"wp_maintenance_mode_load_promotions",105,[360,366,370,374,378,381,385,389,393,397,401,404,406,410,412,415,417],{"action":361,"nopriv":362,"callback":363,"hasNonce":364,"hasCapCheck":364,"file":216,"line":365},"wpmm_subscribers_export",false,"subscribers_export",true,56,{"action":367,"nopriv":362,"callback":368,"hasNonce":364,"hasCapCheck":364,"file":216,"line":369},"wpmm_subscribers_empty_list","subscribers_empty_list",57,{"action":371,"nopriv":362,"callback":372,"hasNonce":364,"hasCapCheck":362,"file":216,"line":373},"wpmm_dismiss_notices","dismiss_notices",58,{"action":375,"nopriv":362,"callback":376,"hasNonce":364,"hasCapCheck":364,"file":216,"line":377},"wpmm_reset_settings","reset_plugin_settings",59,{"action":379,"nopriv":362,"callback":380,"hasNonce":364,"hasCapCheck":362,"file":216,"line":180},"wpmm_select_page","select_page",{"action":382,"nopriv":362,"callback":383,"hasNonce":364,"hasCapCheck":362,"file":216,"line":384},"wpmm_insert_template","insert_template",61,{"action":386,"nopriv":362,"callback":387,"hasNonce":364,"hasCapCheck":362,"file":216,"line":388},"wpmm_skip_insert_template","skip_insert_template",62,{"action":390,"nopriv":362,"callback":391,"hasNonce":364,"hasCapCheck":362,"file":216,"line":392},"wpmm_skip_wizard","skip_wizard",63,{"action":394,"nopriv":362,"callback":395,"hasNonce":364,"hasCapCheck":362,"file":216,"line":396},"wpmm_subscribe","subscribe_newsletter",64,{"action":398,"nopriv":362,"callback":399,"hasNonce":364,"hasCapCheck":362,"file":216,"line":400},"wpmm_change_template_category","change_template_category",65,{"action":402,"nopriv":362,"callback":403,"hasNonce":364,"hasCapCheck":362,"file":216,"line":348},"wpmm_toggle_gutenberg","toggle_gutenberg",{"action":405,"nopriv":362,"callback":405,"hasNonce":364,"hasCapCheck":362,"file":216,"line":277},"wpmm_update_sdk_options",{"action":407,"nopriv":364,"callback":408,"hasNonce":364,"hasCapCheck":362,"file":276,"line":409},"wpmm_add_subscriber","add_subscriber",94,{"action":407,"nopriv":362,"callback":408,"hasNonce":364,"hasCapCheck":362,"file":276,"line":411},95,{"action":413,"nopriv":364,"callback":414,"hasNonce":364,"hasCapCheck":362,"file":276,"line":27},"wpmm_send_contact","send_contact",{"action":413,"nopriv":362,"callback":414,"hasNonce":364,"hasCapCheck":362,"file":276,"line":416},97,{"action":418,"nopriv":362,"callback":418,"hasNonce":362,"hasCapCheck":362,"file":419,"line":228},"wp_ajax_install_plugin","includes\\functions\\hooks.php",[],[],[],{"dangerousFunctions":424,"sqlUsage":425,"outputEscaping":439,"fileOperations":492,"externalRequests":207,"nonceChecks":493,"capabilityChecks":28,"bundledLibraries":494},[],{"prepared":257,"raw":257,"locations":426},[427,430,433,435,438],{"file":216,"line":428,"context":429},274,"$wpdb->get_results() with variable interpolation",{"file":216,"line":431,"context":432},321,"$wpdb->query() with variable interpolation",{"file":342,"line":246,"context":434},"$wpdb->get_var() with variable interpolation",{"file":436,"line":437,"context":432},"uninstall.php",13,{"file":436,"line":246,"context":429},{"escaped":440,"rawEcho":441,"locations":442},347,23,[443,446,448,450,453,456,459,461,464,467,469,471,473,475,477,478,479,481,483,485,487,489,491],{"file":276,"line":444,"context":445},811,"raw output",{"file":276,"line":447,"context":445},1119,{"file":276,"line":449,"context":445},1162,{"file":451,"line":452,"context":445},"views\\contact.php",108,{"file":454,"line":455,"context":445},"views\\google-analytics.php",18,{"file":457,"line":458,"context":445},"views\\maintenance.php",128,{"file":457,"line":460,"context":445},211,{"file":462,"line":463,"context":445},"views\\network-settings.php",20,{"file":465,"line":466,"context":445},"views\\settings.php",116,{"file":465,"line":468,"context":445},129,{"file":465,"line":470,"context":445},237,{"file":465,"line":472,"context":445},270,{"file":465,"line":474,"context":445},279,{"file":465,"line":476,"context":445},316,{"file":465,"line":476,"context":445},{"file":465,"line":431,"context":445},{"file":465,"line":480,"context":445},439,{"file":465,"line":482,"context":445},875,{"file":465,"line":484,"context":445},922,{"file":465,"line":486,"context":445},971,{"file":465,"line":488,"context":445},988,{"file":490,"line":221,"context":445},"views\\wizard.php",{"file":490,"line":384,"context":445},4,15,[495],{"name":496,"version":38,"knownCves":497},"jQuery",[],[499,525,536,552],{"entryPoint":500,"graph":501,"unsanitizedCount":29,"severity":524},"insert_template (includes\\classes\\wp-maintenance-mode-admin.php:695)",{"nodes":502,"edges":521},[503,508,514,516],{"id":504,"type":505,"label":506,"file":216,"line":507},"n0","source","$_POST",712,{"id":509,"type":510,"label":511,"file":216,"line":512,"wp_function":513},"n1","sink","file_get_contents() [SSRF\u002FLFI]",713,"file_get_contents",{"id":515,"type":505,"label":506,"file":216,"line":507},"n2",{"id":517,"type":510,"label":518,"file":216,"line":519,"wp_function":520},"n3","update_option() [Settings Manipulation]",744,"update_option",[522,523],{"from":504,"to":509,"sanitized":364},{"from":515,"to":517,"sanitized":364},"low",{"entryPoint":526,"graph":527,"unsanitizedCount":29,"severity":524},"\u003Cwp-maintenance-mode-admin> (includes\\classes\\wp-maintenance-mode-admin.php:0)",{"nodes":528,"edges":533},[529,530,531,532],{"id":504,"type":505,"label":506,"file":216,"line":507},{"id":509,"type":510,"label":511,"file":216,"line":512,"wp_function":513},{"id":515,"type":505,"label":506,"file":216,"line":507},{"id":517,"type":510,"label":518,"file":216,"line":519,"wp_function":520},[534,535],{"from":504,"to":509,"sanitized":364},{"from":515,"to":517,"sanitized":364},{"entryPoint":537,"graph":538,"unsanitizedCount":207,"severity":56},"add_subscriber (includes\\classes\\wp-maintenance-mode.php:1300)",{"nodes":539,"edges":549},[540,542,545],{"id":504,"type":505,"label":506,"file":276,"line":541},1314,{"id":509,"type":543,"label":544,"file":276,"line":541},"transform","→ insert_subscriber()",{"id":515,"type":510,"label":546,"file":276,"line":547,"wp_function":548},"get_row() [SQLi]",1419,"get_row",[550,551],{"from":504,"to":509,"sanitized":362},{"from":509,"to":515,"sanitized":362},{"entryPoint":553,"graph":554,"unsanitizedCount":568,"severity":56},"\u003Cwp-maintenance-mode> (includes\\classes\\wp-maintenance-mode.php:0)",{"nodes":555,"edges":564},[556,558,559,561,562],{"id":504,"type":505,"label":506,"file":276,"line":557},1331,{"id":509,"type":510,"label":546,"file":276,"line":547,"wp_function":548},{"id":515,"type":505,"label":560,"file":276,"line":541},"$_POST (x2)",{"id":517,"type":543,"label":544,"file":276,"line":541},{"id":563,"type":510,"label":546,"file":276,"line":547,"wp_function":548},"n4",[565,566,567],{"from":504,"to":509,"sanitized":364},{"from":515,"to":517,"sanitized":362},{"from":517,"to":563,"sanitized":362},2,{"summary":570,"deductions":571},"The \"wp-maintenance-mode\" plugin v2.6.20 exhibits a mixed security posture. While it demonstrates good practices in output escaping (94% properly escaped) and utilizes prepared statements for half of its SQL queries, several significant concerns are present. The static analysis reveals a substantial attack surface with 17 AJAX handlers, one of which lacks authentication checks. This unprotected entry point is a critical security risk that could allow unauthorized actions. Furthermore, the taint analysis identified two high-severity flows with unsanitized paths, indicating potential vulnerabilities in how user-supplied data is processed, which could lead to unexpected or malicious behavior.\n\nThe plugin's vulnerability history, with 6 known CVEs including one critical and one high severity, is a major red flag. The prevalence of common vulnerability types like CSRF, improper input validation, missing authorization, and information exposure suggests recurring security weaknesses that have not been fully remediated or have re-emerged. The last known vulnerability being quite recent (January 2024) further emphasizes the ongoing need for vigilance.\n\nIn conclusion, despite some strengths in secure coding practices like output escaping, the \"wp-maintenance-mode\" plugin v2.6.20 has notable weaknesses. The unprotected AJAX handler and high-severity taint flows present immediate risks. The historical pattern of significant vulnerabilities suggests a recurring need for security audits and robust fixes. Users should be aware of these risks and ensure they are using the most secure version or consider alternatives if these issues are not addressed.",[572,575,578,580,582,585,587,589,591],{"reason":573,"points":574},"Unprotected AJAX handler found",8,{"reason":576,"points":577},"High severity taint flows with unsanitized paths",12,{"reason":579,"points":493},"1 critical known CVE",{"reason":581,"points":128},"1 high known CVE",{"reason":583,"points":584},"4 medium known CVEs",16,{"reason":586,"points":257},"Improper Input Validation vulnerability history",{"reason":588,"points":257},"Missing Authorization vulnerability history",{"reason":590,"points":257},"Exposure of Sensitive Information vulnerability history",{"reason":592,"points":593},"50% of SQL queries not using prepared statements",7,"2026-03-16T17:01:09.348Z",{"wat":596,"direct":609},{"assetPaths":597,"generatorPatterns":602,"scriptPaths":603,"versionParams":604},[598,599,600,601],"\u002Fwp-content\u002Fplugins\u002Fwp-maintenance-mode\u002Fassets\u002Fcss\u002Fadmin-style.css","\u002Fwp-content\u002Fplugins\u002Fwp-maintenance-mode\u002Fassets\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fwp-maintenance-mode\u002Fassets\u002Fjs\u002Fadmin-script.js","\u002Fwp-content\u002Fplugins\u002Fwp-maintenance-mode\u002Fassets\u002Fjs\u002Fscript.js",[],[600,601],[605,606,607,608],"wp-maintenance-mode\u002Fassets\u002Fcss\u002Fadmin-style.css?ver=","wp-maintenance-mode\u002Fassets\u002Fcss\u002Fstyle.css?ver=","wp-maintenance-mode\u002Fassets\u002Fjs\u002Fadmin-script.js?ver=","wp-maintenance-mode\u002Fassets\u002Fjs\u002Fscript.js?ver=",{"cssClasses":610,"htmlComments":615,"htmlAttributes":619,"restEndpoints":622,"jsGlobals":623,"shortcodeOutput":627},[611,612,613,614],"wpmm-wrapper","wpmm-admin-wrap","wp-maintenance-mode-admin-menu","wpmm-active-menu-item",[616,617,618],"\u003C!-- WP Maintenance Mode Admin -->","\u003C!-- WP Maintenance Mode -->","\u003C!-- Main Wrapper -->",[620,621],"data-wpmm-nonce","data-wpmm-action",[],[624,625,626],"window.wpmm_settings","var wpmm_nonce","var wpmm_object",[]]