CVE-2026-34896
Cross-Site Request Forgery in Analytify Maintenance Mode Plugin
Publication date: 2026-04-07
Last updated on: 2026-04-07
Assigner: Patchstack
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| analytify | under_construction_coming_soon_&_maintenance_mode | up to 2.1.1 (inclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-352 | The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-34896 is a Cross-Site Request Forgery (CSRF) vulnerability found in the WordPress plugin "Under Construction, Coming Soon & Maintenance Mode" in versions up to and including 2.1.1.
This vulnerability allows attackers to trick authenticated users with higher privileges into performing unwanted actions without their consent by making them click malicious links, visit crafted pages, or submit forms.
Although the attacker does not need to be authenticated, the attack requires interaction from a privileged user to succeed.
It is classified under OWASP Top 10 A1: Broken Access Control and has a CVSS score of 7.5, indicating moderate to high severity.
How can this vulnerability impact me?
This vulnerability can lead to unauthorized actions being executed on your website by attackers exploiting privileged users' sessions.
- Attackers can cause privileged users to unknowingly perform actions that may compromise the website's integrity, confidentiality, or availability.
- Potential impacts include changes to site settings, content manipulation, or other administrative actions without the user's consent.
However, the risk is somewhat mitigated by the requirement of user interaction and the high attack complexity.
Updating the plugin to version 2.1.2 or later is strongly recommended to prevent exploitation.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability affects the WordPress plugin "Under Construction, Coming Soon & Maintenance Mode" versions up to and including 2.1.1. Detection involves identifying if this specific plugin and vulnerable version is installed on your WordPress site.
Since the vulnerability is a Cross-Site Request Forgery (CSRF), network detection is challenging because exploitation requires user interaction and an authenticated session. No specific network commands are provided for detecting exploitation attempts.
To check the plugin version on your WordPress installation, you can use WP-CLI commands such as:
- `wp plugin list --status=active`
- `wp plugin get under-construction-maintenance-mode --field=version`
If the version is 2.1.1 or lower, the plugin is vulnerable.
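Added example, not part of the advisory: a POSIX shell check that wraps the WP-CLI command above and reports whether the installed version falls inside the affected range (up to and including 2.1.1). It assumes WP-CLI is on PATH, that the plugin slug is the one used in the command above, and that versions are dot-separated numeric components.

```shell
#!/bin/sh
# Added example (not from the advisory or the plugin project).
# Decides whether an installed copy of the plugin is in the affected range of
# CVE-2026-34896 (<= 2.1.1) and tells the operator to update to 2.1.2 or later.

PLUGIN_SLUG="under-construction-maintenance-mode"  # slug from the advisory's WP-CLI command (assumed)
LAST_VULNERABLE="2.1.1"                             # last affected version, inclusive

# version_le A B: succeeds when A <= B, comparing dot-separated numeric
# components; a missing component counts as 0, so 2.1 < 2.1.1.
version_le() {
    a="$1."; b="$2."
    while [ -n "$a" ] || [ -n "$b" ]; do
        ai="${a%%.*}"; a="${a#*.}"
        bi="${b%%.*}"; b="${b#*.}"
        # keep digits only so a suffix such as "-beta" does not break -lt/-gt
        ai="$(printf '%s' "$ai" | tr -cd '0-9')"; ai="${ai:-0}"
        bi="$(printf '%s' "$bi" | tr -cd '0-9')"; bi="${bi:-0}"
        [ "$ai" -lt "$bi" ] && return 0
        [ "$ai" -gt "$bi" ] && return 1
    done
    return 0
}

# is_vulnerable VERSION: succeeds when VERSION is within the affected range.
is_vulnerable() {
    version_le "$1" "$LAST_VULNERABLE"
}

# check_site WP_PATH: query WP-CLI for the installed version and report.
# Exit status: 0 = not affected, 1 = affected, 2 = plugin not installed.
check_site() {
    wp_path="$1"
    version="$(wp plugin get "$PLUGIN_SLUG" --field=version --path="$wp_path" 2>/dev/null)" || {
        echo "plugin $PLUGIN_SLUG not installed at $wp_path"
        return 2
    }
    if is_vulnerable "$version"; then
        echo "AFFECTED: $PLUGIN_SLUG $version (CVE-2026-34896); update to 2.1.2 or later"
        return 1
    fi
    echo "OK: $PLUGIN_SLUG $version is outside the affected range"
    return 0
}

# Usage: sh check_plugin.sh /var/www/html  (runs only when a site path is given)
if [ $# -gt 0 ]; then
    check_site "$1"
fi
```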
What immediate steps should I take to mitigate this vulnerability?
The primary and immediate mitigation step is to update the "Under Construction, Coming Soon & Maintenance Mode" plugin to version 2.1.2 or later, where the vulnerability has been patched.
If automatic updates are available, enabling auto-update for this plugin can facilitate rapid protection.
Additionally, as a general best practice, limit the number of users with high privileges and educate users to avoid clicking suspicious links or submitting untrusted forms while authenticated.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The provided information does not specify any direct impact of the Cross-Site Request Forgery (CSRF) vulnerability in the Under Construction, Coming Soon & Maintenance Mode plugin on compliance with common standards and regulations such as GDPR or HIPAA.