Lucene search

Cusmin Security Vulnerabilities

cve

CVE-2021-24944

The Custom Dashboard & Login Page WordPress plugin before 7.0 does not sanitise some of its settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

4.8CVSS

4.7AI Score

0.001EPSS

2022-02-01 01:15 PM

cve

CVE-2021-36823

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cusmin AGCA - Absolutely Glamorous Custom Admin (WordPress plugin) allows Stored XSS.This issue affects AGCA - Absolutely Glamorous Custom Admin (WordPress plugin): from n/a through 6.8.

8.2CVSS

7.2AI Score

0.001EPSS

2021-09-23 05:15 PM

cve

CVE-2024-33627

Server-Side Request Forgery (SSRF) vulnerability in Cusmin Absolutely Glamorous Custom Admin.This issue affects Absolutely Glamorous Custom Admin: from n/a through 7.2.2.

4.4CVSS

6.8AI Score

0.0004EPSS

2024-04-29 08:15 AM