[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fa7j44nNZJlNrKfago1awVXE8tJQGUfzEEcwEpUWR67g":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"WF-5f6b88fb-1070-427b-a51f-23fbede3dd59-under-construction-maintenance-mode","under-construction-coming-soon-maintenance-mode-server-side-request-forgery","Under Construction, Coming Soon & Maintenance Mode \u003C= 1.1.1 - Server Side Request Forgery","The Under Construction, Coming Soon & Maintenance Mode plugin for WordPress is vulnerable to Server Side Request Forgery (SSRF) in versions up to, and including,1.1.1. This is due to the 'apiKey' POST parameter being improperly sanitized. This makes it possible for unauthenticated attackers to execute arbitrary scripting in other users' browsers, leading to the disclosure of sensitive data or subsequent attacks.","under-construction-maintenance-mode",null,"\u003C=1.1.1","1.1.2","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Server-Side Request Forgery (SSRF)","2021-02-27 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F5f6b88fb-1070-427b-a51f-23fbede3dd59?source=api-prod",1060]