250 matches found
CVE-2025-26941 WordPress Church Admin plugin <= 5.0.18 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in andymoyle Church Admin church-admin allows SQL Injection. This issue affects Church Admin: from n/a through <= 5.0.18...
CVE-2024-11721
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.24.5. This is due to insufficient controls on the user role select field when utilizing the 'Role' field in a form. This makes it possible for unauthenticated...
WordPress Style Admin Plugin <= 1.4.3 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Style Admin versions <= 1.4.3...
emlog code injection vulnerability
emlog is a PHP and MySQL based CMS site-building system from an individual developer. A code injection vulnerability exists in emlog Pro 2.4.1 and earlier versions, which originates from a cross-site scripting attack due to the manipulation of the filter parameter in the /admin/plugin.php file...
PT-2024-17762 · Emlog Pro · Emlog Pro
Name of the Vulnerable Software and Affected Versions: Emlog Pro versions up to 2.4.1. Description: A problem has been found in Emlog Pro that affects some unknown processing of the file /admin/plugin.php. The manipulation of the argument filter leads to cross site scripting. The attack may be...
WordPress Church Admin plugin <= 5.0.8 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Mika (Patchstack Alliance) in WordPress Plugin Church Admin versions <= 5.0.8...
WordPress plugin Church Admin cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
WordPress Church Admin plugin < 5.0.0 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting (XSS) vulnerability discovered by Le Ngoc Anh (Patchstack Alliance) in WordPress Plugin Church Admin versions < 5.0.0...
CVE-2024-46086
FrogCMS V0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/plugin/filemanager/delete/123...
FrogCms security vulnerability
FrogCms is an HTTP server from an individual developer, philippe. A security vulnerability exists in FrogCms version V0.9.5, which originates from a cross-site request forgery initiated via /admin/?/plugin/filemanager/rename...
CVE-2024-46362
FrogCMS V0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/plugin/filemanager/createdirectory...
FrogCms security vulnerability
FrogCms is an HTTP server from an individual developer, philippe. A security vulnerability exists in FrogCms version v0.9.5: /admin/?/plugin/filemanager/createfile was found to contain a cross-site request forgery vulnerability...
WordPress plugin Church Admin code issue vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code issue vulnerability...
WordPress Church Admin plugin <= 4.4.6 - Arbitrary File Upload vulnerability
Arbitrary File Upload vulnerability discovered by Peng Zhou in WordPress Plugin Church Admin versions <= 4.4.6...
VulnCheck KEV: CVE-2024-37418
Unrestricted Upload of File with Dangerous Type vulnerability in andymoyle Church Admin church-admin. This issue affects Church Admin: from n/a through <= 4.4.6...
WordPress Church Admin Plugin <= 4.4.6 is vulnerable to Arbitrary File Upload
Software: Church Admin; Type: Plugin; Vulnerable versions: <= 4.4.6; Fixed in: 4.4.7; OWASP Top 10: A3: Injection; Classification: Arbitrary File Upload; CVE: CVE-2024-37418; Patch priority: High; CVSS severity: High (9.9); Developer: Andy Moyle; PSID: 3fae9e77c92b; Credits: Peng Zhou; Required privilege: Subscriber; Publish...
WordPress CommandBar for WP Admin plugin <= 1.0.7 - Malicious Polyfill.io Embed vulnerability
Malicious Polyfill.io Embed vulnerability discovered by Sansec.io in WordPress Plugin CommandBar for WP Admin versions <= 1.0.7...
WordPress Church Admin plugin <= 4.4.4 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by NGÔ THIÊN AN (Patchstack Alliance) in WordPress Plugin Church Admin versions <= 4.4.4...
WordPress Church Admin Plugin <= 4.4.4 is vulnerable to Broken Access Control
Software: Church Admin; Type: Plugin; Vulnerable versions: <= 4.4.4; Fixed in: 4.4.5; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-37440; Patch priority: Low; CVSS severity: Low (4.3); Developer: Andy Moyle; PSID: 7a86d2a04714; Credits: Ngô Thiên An ancorn from VNPT-VCI...
WordPress plugin Church Admin cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...