Executive Summary

CVE-2026-34896 is a Cross Site Request Forgery (CSRF) vulnerability found in the WordPress plugin "Under Construction, Coming Soon & Maintenance Mode" versions up to 2.1.1.

This vulnerability allows attackers to trick authenticated users with higher privileges into performing unwanted actions without their consent by making them click malicious links, visit crafted pages, or submit forms.

Although the attacker does not need to be authenticated, the attack requires interaction from a privileged user to succeed.

It is classified under OWASP Top 10 A1: Broken Access Control and has a CVSS score of 7.5, indicating moderate to high severity.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can lead to unauthorized actions being executed on your website by attackers exploiting privileged users' sessions.

• Attackers can cause privileged users to unknowingly perform actions that may compromise the website's integrity, confidentiality, or availability.
• Potential impacts include changes to site settings, content manipulation, or other administrative actions without the user's consent.

However, the risk is somewhat mitigated by the requirement of user interaction and the high attack complexity.

Updating the plugin to version 2.1.2 or later is strongly recommended to prevent exploitation.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability affects the WordPress plugin "Under Construction, Coming Soon & Maintenance Mode" versions up to and including 2.1.1. Detection involves identifying if this specific plugin and vulnerable version is installed on your WordPress site.

Since the vulnerability is a Cross Site Request Forgery (CSRF), network detection is challenging because it requires user interaction and authenticated sessions. There are no specific network commands provided to detect exploitation attempts.

To check the plugin version on your WordPress installation, you can use WP-CLI commands such as:

• wp plugin list --status=active
• wp plugin get under-construction-maintenance-mode --field=version

If the version is 2.1.1 or lower, the plugin is vulnerable.

Useful 0 Not Useful 0

Mitigation Strategies

The primary and immediate mitigation step is to update the "Under Construction, Coming Soon & Maintenance Mode" plugin to version 2.1.2 or later, where the vulnerability has been patched.

If automatic updates are available, enabling auto-update for this plugin can facilitate rapid protection.

Additionally, as a general best practice, limit the number of users with high privileges and educate users to avoid clicking suspicious links or submitting untrusted forms while authenticated.

Useful 0 Not Useful 0

Compliance Impact

The provided information does not specify any direct impact of the Cross-Site Request Forgery (CSRF) vulnerability in the Under Construction, Coming Soon & Maintenance Mode plugin on compliance with common standards and regulations such as GDPR or HIPAA.

Useful 0 Not Useful 0