Follow @Openwall on Twitter for new release announcements and other news
[<prev] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <aW_XAUlC0doseY7y@inutil.org>
Date: Tue, 20 Jan 2026 19:26:57 +0000
From: Moritz Mühlenhoff <jmm@...til.org>
To: oss-security@...ts.openwall.com
Subject: Re: WordPress Plugin "Under Construction &
 Maintenance Mode": Exposed debug functionality

mohammed gaming 222 wrote:
> Hello OSS-Security Team,
> 
> I would like to responsibly disclose a security vulnerability identified in
> the WordPress plugin *Under Construction & Maintenance Mode*.

Mohammed, this is not a criticism to you personally, I assume this
was posted in good faith.

But on a more general level, please let's avoid posting WordPress plugin
vulnerabilities on oss-sec.

Looking at the Debian Security Tracker there are have been 9773 CVE IDs
on WordPress plugins in 2025, they are not packaged in any Linux
distribution and posting a few individual ones really misses the
"There has to be desirable information for others in the Open Source
community" aspect of the list charter.

Cheers,
        Moritz

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.