Andy_moyle Church Admin
20 CVEs affecting Andy_moyle Church Admin. Latest disclosed: 2026-01-17. Critical: 3, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-37418 | Critical | 9.9 | 2024-07-09 | Unrestricted Upload of File with Dangerous Type vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.4… |
CVE-2024-31280 | Critical | 9.9 | 2024-04-07 | Unrestricted Upload of File with Dangerous Type vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.1… |
CVE-2025-26941 | Critical | 9.3 | 2025-03-26 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in andy_moyle Church Admin church-admin allows SQL Injection… |
CVE-2024-30244 | High | 8.5 | 2024-03-28 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in andy_moyle Church Admin church-admin.This issue affects C… |
CVE-2024-50438 | High | 7.1 | 2024-10-28 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in andy_moyle Church Admin church-admin allows Reflected XSS… |
CVE-2025-39555 | Medium | 6.5 | 2025-04-16 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in andy_moyle Church Admin church-admin allows Stored XSS.Th… |
CVE-2024-35764 | Medium | 6.5 | 2024-06-21 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in andy_moyle Church Admin church-admin.This issue affects C… |
CVE-2024-30505 | Medium | 6.5 | 2024-03-29 | Missing Authorization vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.1.18. |
CVE-2024-30197 | Medium | 6.5 | 2024-03-27 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in andy_moyle Church Admin church-admin.This issue affects C… |
CVE-2024-30193 | Medium | 6.5 | 2024-03-27 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in andy_moyle Church Admin church-admin.This issue affects C… |
CVE-2024-31281 | Medium | 6.3 | 2024-05-17 | Missing Authorization vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.1.6. |
CVE-2025-57896 | Medium | 5.3 | 2025-08-22 | Missing Authorization vulnerability in andy_moyle Church Admin church-admin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue… |
CVE-2024-53795 | Medium | 5.3 | 2024-12-06 | Missing Authorization vulnerability in andy_moyle Church Admin church-admin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects… |
CVE-2024-35637 | Medium | 4.4 | 2024-06-03 | Server-Side Request Forgery (SSRF) vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.3.6. |
CVE-2025-39553 | Medium | 4.3 | 2025-09-09 | Missing Authorization vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 5.0.9. |
CVE-2024-37440 | Medium | 4.3 | 2024-11-01 | Missing Authorization vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.4.4. |
CVE-2024-34828 | Medium | 4.3 | 2024-05-14 | Cross-Site Request Forgery (CSRF) vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.1.32. |
CVE-2024-32090 | Medium | 4.3 | 2024-04-15 | Cross-Site Request Forgery (CSRF) vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.0.27. |
CVE-2024-30493 | Medium | 4.3 | 2024-03-29 | Cross-Site Request Forgery (CSRF) vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.1.7. |
CVE-2026-0682 | Low | 2.2 | 2026-01-17 | The Church Admin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.0.28 due to insufficient validation… |