Churchadminplugin ≫ Church Admin

Missing Authorization vulnerability in andy_moyle Church Admin church-admin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Church Admin: from n/a through <= 5.0.8.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Andy Moyle Church Admin plugin <= 3.7.5 versions.

The church-admin plugin before 1.2550 for WordPress has CSRF affecting the upload of a bible reading plan.