3 matches found
CVE-2022-1599
The CVE-2022-1599 entry concerns the WordPress plugin Admin Management Xtended (before 2.4.5). The vulnerability arises from missing CSRF checks in several AJAX actions, allowing an attacker with a logged-in user with sufficient capabilities to trigger actions such as changing post status (draft/...
CVE-2022-29450
CVE-2022-29450 describes multiple Cross-Site Request Forgery (CSRF) vulnerabilities in the WordPress Admin Management Xtended plugin,
CVE-2015-9390
CVE-2015-9390 affects the WordPress plugin Admin Management Xtended prior to version 2.4.0.1. The vulnerability is a privilege escalation caused by mishandling of wp_ajax functions. Exploit details are not provided in the supplied documents. No explicit remediation/version fix is listed in the av...