Lucene search
K

38 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 5:36 a.m.8 views

CVE-2023-44988

Missing Authorization vulnerability in Martin Gibson WP Custom Admin Interface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Admin Interface: from n/a through 7.32...

4.3CVSS5.1AI score0.00324EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:58 a.m.5 views

CVE-2023-47763

Missing Authorization vulnerability in Northern Beaches Websites WP Custom Admin Interface wp-custom-admin-interface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Admin Interface: from n/a through = 7.31...

4.3CVSS7.3AI score0.00357EPSS
Exploits0References1
NVD
NVD
added 2025/01/02 12:15 p.m.4 views

CVE-2023-44988

Missing Authorization vulnerability in Martin Gibson WP Custom Admin Interface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Admin Interface: from n/a through 7.32...

4.3CVSS0.00324EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/02 11:59 a.m.15 views

CVE-2023-44988 WordPress WP Custom Admin Interface plugin <= 7.32 - Broken Access Control vulnerability

Missing Authorization vulnerability in Martin Gibson WP Custom Admin Interface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Admin Interface: from n/a through 7.32...

4.3CVSS0.00324EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/02 12:0 a.m.4 views

PT-2025-1481 · WordPress · Martin Gibson Wp Custom Admin Interface

Name of the Vulnerable Software and Affected Versions: Martin Gibson WP Custom Admin Interface versions n/a through 7.32 Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. This can lead to...

4.3CVSS7AI score0.00324EPSS
Exploits0References4
NVD
NVD
added 2024/12/09 1:15 p.m.12 views

CVE-2023-47763

Missing Authorization vulnerability in Northern Beaches Websites WP Custom Admin Interface wp-custom-admin-interface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Admin Interface: from n/a through = 7.31...

4.3CVSS0.00357EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/09 11:30 a.m.23 views

CVE-2023-47763 WordPress WP Custom Admin Interface plugin <= 7.31 - Broken Access Control vulnerability

Missing Authorization vulnerability in Northern Beaches Websites WP Custom Admin Interface wp-custom-admin-interface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Admin Interface: from n/a through = 7.31...

4.3CVSS0.00357EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.4 views

WordPress plugin WP Custom Admin Interface 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS8.7AI score0.00357EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/11/23 12:0 a.m.7 views

WP Custom Admin Interface < 7.32 - Missing Authorization via wpcai_pro_notice_disable

Description The WP Custom Admin Interface plugin for WordPress is vulnerable to unauthorized admin notice dismissal due to a missing capability check on the wpcaipronoticedisable function in versions up to, and including, 7.31. This makes it possible for authenticated attackers, with...

6.7AI score0.00357EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/11/23 12:0 a.m.8 views

WP Custom Admin Interface < 7.33 - Missing Authorization to Transients Deletion

Description The WP Custom Admin Interface plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpcustomadmininterfacedeletetransients function in versions up to, and including, 7.32. This makes it possible for authenticated attackers, wi...

6.7AI score0.00324EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/11/13 12:0 a.m.6 views

WordPress WP Custom Admin Interface Plugin <= 7.31 is vulnerable to Broken Access Control

Software WP Custom Admin Interface Type Plugin Vulnerable versions = 7.31 Fixed in 7.32 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-47763 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 73d0182de151 Credits Abdi Pranata...

6.5AI score0.00357EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/10/03 12:0 a.m.8 views

WordPress WP Custom Admin Interface Plugin <= 7.32 is vulnerable to Broken Access Control

Software WP Custom Admin Interface Type Plugin Vulnerable versions = 7.32 Fixed in 7.33 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-44988 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 74d65a8c422e Credits Abdi Pranata Required...

6.7AI score0.00324EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/01/09 11:15 p.m.2 views

CVE-2022-4043

The WP Custom Admin Interface WordPress plugin before 7.29 unserialize user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...

7.2CVSS5.8AI score0.17686EPSS
Exploits2References1
NVD
NVD
added 2023/01/09 11:15 p.m.16 views

CVE-2022-4043

The WP Custom Admin Interface WordPress plugin before 7.29 unserialize user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...

7.2CVSS7.1AI score0.17686EPSS
Exploits2References1
Prion
Prion
added 2023/01/09 11:15 p.m.15 views

Design/Logic Flaw

The WP Custom Admin Interface WordPress plugin before 7.29 unserialize user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...

5.8CVSS7.1AI score0.17686EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2023/01/09 10:13 p.m.54 views

CVE-2022-4043

Summary: The WP Custom Admin Interface WordPress plugin is vulnerable in versions prior to 7.29 due to unserializing user input in settings, which could allow high-privilege users such as admins to perform PHP Object Injection when a suitable gadget is present. The condition is documented across ...

7.2CVSS7AI score0.17686EPSS
Exploits2References1Affected Software1
CNNVD
CNNVD
added 2023/01/09 12:0 a.m.5 views

WordPress Plugin WP Custom Admin Interface 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in...

7.2CVSS7.2AI score0.17686EPSS
Exploits2References2
WPVulnDB
WPVulnDB
added 2022/12/13 12:0 a.m.20 views

WP Custom Admin Interface < 7.29 - Admin+ PHP Object Injection

The plugin unserialize user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present. PoC action=importsettings=O%3a4%3a%22Evil%22%3a0%3a%7b%7d%3b=6960d7bb50...

7.2CVSS4.5AI score0.17686EPSS
Exploits2Affected Software1
Rows per page
Query Builder