Church Admin Security Vulnerabilities and Issues — Church Admin CVE List

Lucene search

Church Admin ProjectChurch Admin

5 matches found

CVE•added 2023/11/13 3:15 a.m.•49 views

CVE-2023-38515

Server-Side Request Forgery (SSRF) vulnerability in Andy Moyle Church Admin.This issue affects Church Admin: from n/a through 3.7.56.

5.5CVSS5.2AI score0.00135EPSS

CVE•added 2022/03/28 6:15 p.m.•40 views

CVE-2022-0833

The Church Admin WordPress plugin before 3.4.135 does not have authorisation and CSRF in some of its action as well as requested files, allowing unauthenticated attackers to repeatedly request the "refresh-backup" action, and simultaneously keep requesting a publicly accessible temporary file gener...

4.3CVSS4.5AI score0.00126EPSS

CVE•added 2024/06/21 1:15 p.m.•39 views

CVE-2024-35764

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Andy Moyle Church Admin allows Stored XSS.This issue affects Church Admin: from n/a through 4.4.4.

6.5CVSS6.2AI score0.00089EPSS

CVE•added 2015/05/28 2:59 p.m.•37 views

CVE-2015-4127

Cross-site scripting (XSS) vulnerability in the church_admin plugin before 0.810 for WordPress allows remote attackers to inject arbitrary web script or HTML via the address parameter, as demonstrated by a request to index.php/2015/05/21/church_admin-registration-form/.

4.3CVSS5.9AI score0.01716EPSS

CVE•added 2023/06/23 12:15 p.m.•19 views

CVE-2023-34021

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Andy Moyle Church Admin plugin

7.1CVSS6.1AI score0.00083EPSS