Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Admin Management Xtended Project Subscribe
Filtered by product Admin Management Xtended
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-1599 1 Admin Management Xtended Project 1 Admin Management Xtended 2022-07-15 4.3 MEDIUM 6.5 MEDIUM
The Admin Management Xtended WordPress plugin before 2.4.5 does not have CSRF checks in some of its AJAX actions, allowing attackers to make a logged users with the right capabilities to call them. This can lead to changes in post status (draft, published), slug, post date, comment status (enabled, disabled) and more.
CVE-2022-29450 1 Admin Management Xtended Project 1 Admin Management Xtended 2022-06-24 6.8 MEDIUM 8.8 HIGH
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Admin Management Xtended plugin <= 2.4.4 at WordPress.
CVE-2015-9390 1 Admin Management Xtended Project 1 Admin Management Xtended 2019-09-23 4.0 MEDIUM 4.3 MEDIUM
The admin-management-xtended plugin before 2.4.0.1 for WordPress has privilege escalation because wp_ajax functions are mishandled.