Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Admin Management Xtended Project Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-1599 1 Admin Management Xtended Project 1 Admin Management Xtended 2022-07-15 4.3 MEDIUM 6.5 MEDIUM
The Admin Management Xtended WordPress plugin before 2.4.5 does not have CSRF checks in some of its AJAX actions, allowing attackers to make a logged users with the right capabilities to call them. This can lead to changes in post status (draft, published), slug, post date, comment status (enabled, disabled) and more.
CVE-2022-29450 1 Admin Management Xtended Project 1 Admin Management Xtended 2022-06-24 6.8 MEDIUM 8.8 HIGH
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Admin Management Xtended plugin <= 2.4.4 at WordPress.
CVE-2015-9390 1 Admin Management Xtended Project 1 Admin Management Xtended 2019-09-23 4.0 MEDIUM 4.3 MEDIUM
The admin-management-xtended plugin before 2.4.0.1 for WordPress has privilege escalation because wp_ajax functions are mishandled.