Church_admin_project Church_admin
17 CVEs affecting Church_admin_project Church_admin. Latest disclosed: 2024-11-01. Critical: 2, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-37418 | Critical | 9.9 | 2024-07-09 | Unrestricted Upload of File with Dangerous Type vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.4… |
CVE-2024-31280 | Critical | 9.9 | 2024-04-07 | Unrestricted Upload of File with Dangerous Type vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.1… |
CVE-2024-30244 | High | 8.5 | 2024-03-28 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in andy_moyle Church Admin church-admin.This issue affects C… |
CVE-2023-34021 | High | 7.1 | 2023-06-23 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Andy Moyle Church Admin plugin <= 3.7.29 versions. |
CVE-2024-35764 | Medium | 6.5 | 2024-06-21 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in andy_moyle Church Admin church-admin.This issue affects C… |
CVE-2024-30505 | Medium | 6.5 | 2024-03-29 | Missing Authorization vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.1.18. |
CVE-2024-30197 | Medium | 6.5 | 2024-03-27 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in andy_moyle Church Admin church-admin.This issue affects C… |
CVE-2024-30193 | Medium | 6.5 | 2024-03-27 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in andy_moyle Church Admin church-admin.This issue affects C… |
CVE-2024-31281 | Medium | 6.3 | 2024-05-17 | Missing Authorization vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.1.6. |
CVE-2023-38515 | Medium | 5.5 | 2023-11-13 | Server-Side Request Forgery (SSRF) vulnerability in Andy Moyle Church Admin.This issue affects Church Admin: from n/a through 3.7.56. |
CVE-2024-35637 | Medium | 4.4 | 2024-06-03 | Server-Side Request Forgery (SSRF) vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.3.6. |
CVE-2024-37440 | Medium | 4.3 | 2024-11-01 | Missing Authorization vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.4.4. |
CVE-2024-34828 | Medium | 4.3 | 2024-05-14 | Cross-Site Request Forgery (CSRF) vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.1.32. |
CVE-2024-32090 | Medium | 4.3 | 2024-04-15 | Cross-Site Request Forgery (CSRF) vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.0.27. |
CVE-2024-30493 | Medium | 4.3 | 2024-03-29 | Cross-Site Request Forgery (CSRF) vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.1.7. |
CVE-2022-0833 | Medium | 4.3 | 2022-03-28 | The Church Admin WordPress plugin before 3.4.135 does not have authorisation and CSRF in some of its action as well as requested files, allowing unauthenticate… |
CVE-2015-4127 | | 2015-05-28 | Cross-site scripting (XSS) vulnerability in the church_admin plugin before 0.810 for WordPress allows remote attackers to inject arbitrary web script or HTML v… |