CVE-2024-51645

UNKNOWN 0.0

WordPress ThemeFuse Maintenance Mode plugin <= 1.1.3 - CSRF to Stored XSS vulnerability

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Cross-Site Request Forgery (CSRF) vulnerability in themefusecom ThemeFuse Maintenance Mode themefuse-maintenance-mode allows Stored XSS.This issue affects ThemeFuse Maintenance Mode: from n/a through <= 1.1.3.

CWE	CWE-352
Vendor	themefusecom
Product	themefuse maintenance mode
Published	Nov 19, 2024
Last Updated	Apr 1, 2026

Stay Ahead of the Next One

Get instant alerts for themefusecom themefuse maintenance mode

Be the first to know when new unknown vulnerabilities affecting themefusecom themefuse maintenance mode are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

themefusecom / ThemeFuse Maintenance Mode

0 ≤ 1.1.3

References

NVD ↗ CVE.org ↗ EPSS Data ↗

patchstack.com: https://patchstack.com/database/Wordpress/Plugin/themefuse-maintenance-mode/vulnerability/wordpress-themefuse-maintenance-mode-plugin-1-1-3-csrf-to-stored-xss-vulnerability?_s_id=cve

Credits

SOPROBRO | Patchstack Bug Bounty Program