← Back

Admin Management Xtended Project

admin_management_xtended_project

3 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Admin Management Xtended
admin_management_xtended
3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-1599
1Admin Management Xtended Project
1Admin Management Xtended
Nov 21, 2024
Jul 11, 2022
N/A· v4
6.5 MEDIUM· v3
4.3 MEDIUM· v2
The Admin Management Xtended WordPress plugin before 2.4.5 does not have CSRF checks in some of its AJAX actions, allowing attackers to make a logged users with the right capabilities to call them. This can lead to chang...Show more
The Admin Management Xtended WordPress plugin before 2.4.5 does not have CSRF checks in some of its AJAX actions, allowing attackers to make a logged users with the right capabilities to call them. This can lead to changes in post status (draft, published), slug, post date, comment status (enabled, disabled) and more.Show less
CVE-2022-29450
1Admin Management Xtended Project
1Admin Management Xtended
Nov 21, 2024
Jun 15, 2022
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Admin Management Xtended plugin <= 2.4.4 at WordPress.
CVE-2015-9390
1Admin Management Xtended Project
1Admin Management Xtended
Nov 21, 2024
Sep 20, 2019
N/A· v4
4.3 MEDIUM· v3
4.0 MEDIUM· v2
The admin-management-xtended plugin before 2.4.0.1 for WordPress has privilege escalation because wp_ajax functions are mishandled.