Filtered by vendor Curtain Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-50955 3 Curtain, Curtain Project, Wordpress 3 Curtain, Curtain, Wordpress 2026-05-11 4.3 Medium
WordPress Plugin Curtain 1.0.2 contains a cross-site request forgery vulnerability that allows attackers to activate or deactivate site maintenance mode by crafting malicious requests. Attackers can trick authenticated administrators into submitting forged requests to the options-general.php page with curtain parameters to toggle maintenance mode without valid nonce validation.