WordPress plugin Administrator Z 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exis...

WordPress plugin Administrator Z 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exis...

CVE-2025-32276 WordPress Administrator Z plugin <= 2025.03.04 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Quý Lê 91 Administrator Z allows Cross Site Request Forgery. This issue affects Administrator Z: from n/a through 2025.03.04...

CVE-2025-32187 WordPress Administrator Z plugin <= 2026.03.02 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Quý Lê 91 Administrator Z administrator-z allows DOM-Based XSS.This issue affects Administrator Z: from n/a through = 2026.03.02...

WordPress plugin Administrator Z 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

CVE-2025-2815

The CVE-2025-2815 entry concerns the Administrator Z plugin for WordPress. A missing capability check in adminz_import_backup() allows authenticated users with Subscriber+ access to modify arbitrary options, enabling privilege escalation (e.g., setting the default registration role to administrat...

CVE-2025-2815 Administrator Z <= 2025.03.24 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update

The Administrator Z plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the adminzimportbackup function in all versions up to, and including, 2025.03.24. This makes it possible for authenticated...

WordPress Administrator Z plugin < 2024.10.21 - SQL Injection vulnerability

SQL Injection vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Administrator Z versions 2024.10.21...