33 matches found
CVE-2025-13342 Frontend Admin by DynamiApps <= 3.28.20 - Unauthenticated Arbitrary Options Update
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to unauthorized modification of arbitrary WordPress options in all versions up to, and including, 3.28.20. This is due to insufficient capability checks and input validation in the ActionOptions::run save handler. This makes it...
EUVD-2025-200979
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to unauthorized modification of arbitrary WordPress options in all versions up to, and including, 3.28.20. This is due to insufficient capability checks and input validation in the ActionOptions::run save handler. This makes it...
WordPress Frontend Admin by DynamiApps plugin <= 3.28.20 - Unauthenticated Arbitrary Options Update vulnerability
Unauthenticated Arbitrary Options Update vulnerability discovered by YCInfosec in WordPress Plugin Frontend Admin by DynamiApps versions = 3.28.20...
WordPress Frontend Admin by DynamiApps plugin <= 3.28.3 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Frissi0n in WordPress Plugin Frontend Admin by DynamiApps versions = 3.28.3...
CVE-2025-26987 WordPress Frontend Admin by DynamiApps plugin <= 3.25.17 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Shabti Kaplan Frontend Admin by DynamiApps acf-frontend-form-element allows Reflected XSS.This issue affects Frontend Admin by DynamiApps: from n/a through = 3.25.17...
CVE-2025-26987 WordPress Frontend Admin by DynamiApps plugin <= 3.25.17 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Shabti Kaplan Frontend Admin by DynamiApps acf-frontend-form-element allows Reflected XSS.This issue affects Frontend Admin by DynamiApps: from n/a through = 3.25.17...
WordPress plugin Frontend Admin by DynamiApps 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...
WordPress Frontend Admin by DynamiApps plugin <= 3.25.17 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin Frontend Admin by DynamiApps versions = 3.25.17...
WordPress Frontend Admin by DynamiApps plugin <= 3.25.1 - Unauthenticated SQL Injection vulnerability
Unauthenticated SQL Injection vulnerability discovered by Max Boll b0lli in WordPress Plugin Frontend Admin by DynamiApps versions = 3.25.1...
CVE-2024-11721
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.24.5. This is due to insufficient controls on the user role select field when utilizing the 'Role' field in a form. This makes it possible for unauthenticated...
CVE-2024-11720
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via submission forms in all versions up to, and including, 3.24.5 due to insufficient input sanitization and output escaping on the new Taxonomy form. This makes it possible for unauthenticated...
CVE-2024-11721 Frontend Admin by DynamiApps <= 3.24.5 - Unauthenticated Privilege Escalation
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.24.5. This is due to insufficient controls on the user role select field when utilizing the 'Role' field in a form. This makes it possible for unauthenticated...
CVE-2024-11721
CVE-2024-11721 concerns Frontend Admin by DynamiApps (WordPress)