CVE-2024-33627
- EPSS 0.15%
- Veröffentlicht 29.04.2024 08:15:07
- Zuletzt bearbeitet 21.11.2024 09:17:16
Server-Side Request Forgery (SSRF) vulnerability in Cusmin Absolutely Glamorous Custom Admin.This issue affects Absolutely Glamorous Custom Admin: from n/a through 7.2.2.
CVE-2024-2907
- EPSS 0.34%
- Veröffentlicht 25.04.2024 06:15:58
- Zuletzt bearbeitet 14.05.2025 17:45:21
The AGCA WordPress plugin before 7.2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for...
CVE-2021-24944
- EPSS 0.21%
- Veröffentlicht 01.02.2022 13:15:09
- Zuletzt bearbeitet 21.11.2024 05:54:03
The Custom Dashboard & Login Page WordPress plugin before 7.0 does not sanitise some of its settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
CVE-2021-36823
- EPSS 0.21%
- Veröffentlicht 23.09.2021 17:15:12
- Zuletzt bearbeitet 21.11.2024 06:14:09
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cusmin AGCA - Absolutely Glamorous Custom Admin (WordPress plugin) allows Stored XSS.This issue affects AGCA - Absolutely Glamorous Custom Admin (Wo...