Absolutely Glamorous Custom Admin@* Security Vulnerabilities and Issues — Absolutely Glamorous Custom Admin@* CVE List

Lucene search

CusminAbsolutely Glamorous Custom Admin*

4 matches found

CVE•added 2021/09/23 5:15 p.m.•53 views

CVE-2021-36823

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cusmin AGCA - Absolutely Glamorous Custom Admin (WordPress plugin) allows Stored XSS.This issue affects AGCA - Absolutely Glamorous Custom Admin (WordPress plugin): from n/a through 6.8.

8.2CVSS7.2AI score0.00208EPSS

CVE•added 2024/04/25 6:15 a.m.•46 views

CVE-2024-2907

The AGCA WordPress plugin before 7.2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

6.8CVSS7.6AI score0.00252EPSS

CVE•added 2024/04/29 8:15 a.m.•43 views

CVE-2024-33627

Server-Side Request Forgery (SSRF) vulnerability in Cusmin Absolutely Glamorous Custom Admin.This issue affects Absolutely Glamorous Custom Admin: from n/a through 7.2.2.

4.4CVSS6.8AI score0.0011EPSS

CVE•added 2022/02/01 1:15 p.m.•38 views

CVE-2021-24944

The Custom Dashboard & Login Page WordPress plugin before 7.0 does not sanitise some of its settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

4.8CVSS4.7AI score0.00195EPSS