3 matches found
CVE-2021-36823
CVE-2021-36823 affects the WordPress plugin AGCA – Absolutely Glamorous Custom Admin (version
CVE-2024-2907
CVE-2024-2907 affects the AGCA – Custom Dashboard & Login Page WordPress plugin before version 7.2.2. The flaw stems from insufficient sanitisation/escaping of certain settings, enabling Stored XSS by high-privilege users (e.g., administrators) even when unfiltered_html is disallowed (such as in ...
CVE-2021-24944
The CVE-2021-24944 entry concerns the WordPress plugin “Custom Dashboard & Login Page” (pre-7.0). The connected sources indicate a preventable Stored Cross‑Site Scripting (XSS) vulnerability caused by insufficient sanitisation of certain admin/settings fields, enabling high‑privilege users to exe...