WordPress Custom Dashboard & Login Page – AGCA plugin <= 6.9.5 - Stored Cross-Site Scripting (XSS) vulnerability

2021-12-3000:00:00

0ppr2s

patchstack.com

0.001 Low

EPSS

Percentile

25.0%

Stored Cross-Site Scripting (XSS) vulnerability discovered by 0ppr2s in WordPress Custom Dashboard & Login Page – AGCA plugin (versions <= 6.9.5).

Solution

           Update the WordPress Custom Dashboard & Login Page – AGCA plugin to the latest available version (at least 7.0).

CPENameOperatorVersion
absolutely glamorous custom adminle6.9.5

CPE	Name	Operator	Version
	absolutely glamorous custom admin	le	6.9.5

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24944

wordpress.org/plugins/ag-custom-admin/#developers

wpscan.com/vulnerability/d1bfdce3-89bd-441f-8ebb-02cf0ff8b6cc

0.001 Low

EPSS

Percentile

25.0%

Related for PATCHSTACK:EC87DF4657A4171CDB8510BDB403034B