2 matches found
WordPress Frontend Admin by DynamiApps plugin <= 3.28.25 - Unauthenticated Privilege Escalation to Administrator via Role Form Field vulnerability
Unauthenticated Privilege Escalation to Administrator via Role Form Field vulnerability discovered by andrea bocchetti in WordPress Plugin Frontend Admin by DynamiApps versions = 3.28.25...
CVE-2025-49267
CVE-2025-49267 affects WordPress plugin Frontend Admin by DynamiApps (versions up to and including 3.28.3). The issue is an SQL Injection due to improper neutralization of special elements, enabling blind SQL injection. Public references confirm affected software and version range; multiple sourc...