250 matches found
WordPress Church Admin Plugin <= 4.4.4 is vulnerable to Cross Site Scripting (XSS)
Software: Church Admin; Type: Plugin; Vulnerable versions: <= 4.4.4; Fixed in: 4.4.5; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-35764; Patch priority: Low; CVSS severity: Low 6.5; Developer: Andy Moyle; PSID: ef4f8b581e9b; Credits: Ngô Thiên An ancorn from VNPT-VCI; Required...
WordPress Church Admin plugin <= 4.3.6 - Server Side Request Forgery (SSRF) vulnerability
Server Side Request Forgery (SSRF) vulnerability discovered by Yuchen Ji (Patchstack Alliance) in WordPress Plugin Church Admin (versions <= 4.3.6)...
WordPress plugin Church Admin security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin Church Admin cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forger...
CVE-2024-34828 WordPress Church Admin plugin <= 4.1.32 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in andymoyle Church Admin church-admin. This issue affects Church Admin: from n/a through <= 4.1.32...
Absolutely Glamorous Custom Admin < 7.2.4 - Admin+ SSRF
Description The plugin is vulnerable to Server-Side Request Forgery, allowing authenticated attackers, with administrator-level access and above, to make web requests to arbitrary locations originating from the web application which can be used to query and modify information from internal servic...
Church Admin < 4.0.28 - Cross-Site Request Forgery
Description The Church Admin plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.0.27. This is due to missing or incorrect nonce validation on the cadebugmode function. This makes it possible for unauthenticated attackers to enable debug mode via a...
CVE-2024-32090 WordPress Church Admin plugin <= 4.0.27 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in andymoyle Church Admin church-admin. This issue affects Church Admin: from n/a through <= 4.0.27...
WordPress Plugin Church Admin cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on PHP and MySQL servers. WordPress plugin i...
WordPress Church Admin plugin <= 4.0.27 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery (CSRF) vulnerability discovered by Dhabaleshwar Das (Patchstack Alliance) in WordPress Plugin Church Admin (versions <= 4.0.27)...
WordPress Church Admin Plugin <= 4.0.27 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Church Admin; Type: Plugin; Vulnerable versions: <= 4.0.27; Fixed in: 4.0.28; OWASP Top 10: A1: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2024-32090; Patch priority: Low; CVSS severity: Low 4.3; Developer: Andy Moyle; PSID: 74fcfce5e41d; Credits: Dhabaleshwar Das; Required...
CVE-2024-31280 WordPress Church Admin plugin <= 4.1.5 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in andymoyle Church Admin church-admin. This issue affects Church Admin: from n/a through <= 4.1.5...
WordPress Church Admin plugin <= 4.1.6 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Peng Zhou (Patchstack Alliance) in WordPress Plugin Church Admin (versions <= 4.1.6)...
WordPress Church Admin plugin <= 4.1.5 - Arbitrary File Upload vulnerability
Arbitrary File Upload vulnerability discovered by Peng Zhou (Patchstack Alliance) in WordPress Plugin Church Admin (versions <= 4.1.5)...
WordPress Church Admin Plugin <= 4.1.6 is vulnerable to Broken Access Control
Software: Church Admin; Type: Plugin; Vulnerable versions: <= 4.1.6; Fixed in: 4.1.7; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-31281; Patch priority: Medium; CVSS severity: Medium 6.3; Developer: Andy Moyle; PSID: 45a702e240da; Credits: Peng Zhou; Required privilege...
WordPress Church Admin Plugin <= 4.1.5 is vulnerable to Arbitrary File Upload
Software: Church Admin; Type: Plugin; Vulnerable versions: <= 4.1.5; Fixed in: 4.1.6; OWASP Top 10: A3: Injection; Classification: Arbitrary File Upload; CVE: CVE-2024-31280; Patch priority: High; CVSS severity: High 9.9; Developer: Andy Moyle; PSID: edcb8443de34; Credits: Peng Zhou; Required privilege: Subscriber; Publish...
WordPress Plugin Church Admin security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
WordPress Plugin Church Admin cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blog sites on PHP and MySQL servers. WordPress plugin is an...
WordPress Church Admin Plugin <= 4.0.27 is vulnerable to SQL Injection
Software: Church Admin; Type: Plugin; Vulnerable versions: <= 4.0.27; Fixed in: 4.0.28; OWASP Top 10: A3: Injection; Classification: SQL Injection; CVE: CVE-2024-30244; Patch priority: Medium; CVSS severity: Medium 8.5; Developer: Andy Moyle; PSID: f10836385922; Credits: LVT-tholv2k; Required privilege: Contributor...