38 matches found
CVE-2023-44988
Missing Authorization vulnerability in Martin Gibson WP Custom Admin Interface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Admin Interface: from n/a through 7.32...
CVE-2023-47763
Missing Authorization vulnerability in Northern Beaches Websites WP Custom Admin Interface wp-custom-admin-interface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Admin Interface: from n/a through = 7.31...
CVE-2023-44988
Missing Authorization vulnerability in Martin Gibson WP Custom Admin Interface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Admin Interface: from n/a through 7.32...
CVE-2023-44988 WordPress WP Custom Admin Interface plugin <= 7.32 - Broken Access Control vulnerability
Missing Authorization vulnerability in Martin Gibson WP Custom Admin Interface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Admin Interface: from n/a through 7.32...
PT-2025-1481 · WordPress · Martin Gibson Wp Custom Admin Interface
Name of the Vulnerable Software and Affected Versions: Martin Gibson WP Custom Admin Interface versions n/a through 7.32 Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. This can lead to...
CVE-2023-47763
Missing Authorization vulnerability in Northern Beaches Websites WP Custom Admin Interface wp-custom-admin-interface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Admin Interface: from n/a through = 7.31...
CVE-2023-47763 WordPress WP Custom Admin Interface plugin <= 7.31 - Broken Access Control vulnerability
Missing Authorization vulnerability in Northern Beaches Websites WP Custom Admin Interface wp-custom-admin-interface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Admin Interface: from n/a through = 7.31...
WordPress plugin WP Custom Admin Interface 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WP Custom Admin Interface < 7.32 - Missing Authorization via wpcai_pro_notice_disable
Description The WP Custom Admin Interface plugin for WordPress is vulnerable to unauthorized admin notice dismissal due to a missing capability check on the wpcaipronoticedisable function in versions up to, and including, 7.31. This makes it possible for authenticated attackers, with...
WP Custom Admin Interface < 7.33 - Missing Authorization to Transients Deletion
Description The WP Custom Admin Interface plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpcustomadmininterfacedeletetransients function in versions up to, and including, 7.32. This makes it possible for authenticated attackers, wi...
WordPress WP Custom Admin Interface Plugin <= 7.31 is vulnerable to Broken Access Control
Software WP Custom Admin Interface Type Plugin Vulnerable versions = 7.31 Fixed in 7.32 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-47763 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 73d0182de151 Credits Abdi Pranata...
WordPress WP Custom Admin Interface Plugin <= 7.32 is vulnerable to Broken Access Control
Software WP Custom Admin Interface Type Plugin Vulnerable versions = 7.32 Fixed in 7.33 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-44988 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 74d65a8c422e Credits Abdi Pranata Required...
CVE-2022-4043
The WP Custom Admin Interface WordPress plugin before 7.29 unserialize user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...
CVE-2022-4043
The WP Custom Admin Interface WordPress plugin before 7.29 unserialize user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...
Design/Logic Flaw
The WP Custom Admin Interface WordPress plugin before 7.29 unserialize user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...
CVE-2022-4043
Summary: The WP Custom Admin Interface WordPress plugin is vulnerable in versions prior to 7.29 due to unserializing user input in settings, which could allow high-privilege users such as admins to perform PHP Object Injection when a suitable gadget is present. The condition is documented across ...
WordPress Plugin WP Custom Admin Interface 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in...
WP Custom Admin Interface < 7.29 - Admin+ PHP Object Injection
The plugin unserialize user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present. PoC action=importsettings=O%3a4%3a%22Evil%22%3a0%3a%7b%7d%3b=6960d7bb50...