CVE-2025-57896 WordPress Church Admin Plugin <= 5.0.26 - Broken Access Control Vulnerability

Missing Authorization vulnerability in andymoyle Church Admin allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Church Admin: from n/a through 5.0.26...

WordPress Church Admin Plugin <= 4.1.32 is vulnerable to Cross Site Request Forgery (CSRF)

Software Church Admin Type Plugin Vulnerable versions = 4.1.32 Fixed in 4.2.0 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-34828 Patch priority Low CVSS severity Low 4.3 Developer Andy Moyle PSID 2d0beb058c1b Credits Dhabaleshwar Das Required...

WordPress Church Admin Plugin <= 4.1.18 is vulnerable to Broken Access Control

Software Church Admin Type Plugin Vulnerable versions = 4.1.18 Fixed in 4.1.19 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-30505 Patch priority Medium CVSS severity Medium 5.4 Developer Andy Moyle PSID 4be0d3ba3cb9 Credits CatFather Required privilege...

WordPress Church Admin Plugin <= 4.1.7 is vulnerable to Cross Site Request Forgery (CSRF)

Software Church Admin Type Plugin Vulnerable versions = 4.1.7 Fixed in 4.1.8 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-30493 Patch priority Low CVSS severity Low 4.3 Developer Andy Moyle PSID 730279774aaf Credits Peng Zhou Required privileg...

WordPress Church Admin Plugin <= 4.1.17 is vulnerable to Cross Site Scripting (XSS)

Software Church Admin Type Plugin Vulnerable versions = 4.1.17 Fixed in 4.1.18 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-30193 Patch priority Low CVSS severity Low 6.5 Developer Andy Moyle PSID 239d5fd65793 Credits CatFather Required privilege...