CVE-2024-1478

Name of the Vulnerable Software and Affected Versions Maintenance Mode plugin for WordPress versions up to, and including, 2.5.0

Description The issue allows unauthenticated attackers to obtain post and page content via the REST API, bypassing the content protection provided by the plugin. This is possible due to Sensitive Information Exposure in the affected versions.

Recommendations For versions up to, and including, 2.5.0, update to a version later than 2.5.0 to resolve the issue. As a temporary workaround, consider restricting access to the REST API to minimize the risk of exploitation.