VYPR

Admin Management Xtended

by WordPress

Source repositories

CVEs (5)

  • CVE-2024-49307MedOct 17, 2024
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpseek Admin Management Xtended admin-management-xtended allows Stored XSS.This issue affects Admin Management Xtended : from n/a through <= 2.4.6.

  • CVE-2022-1599MedJul 11, 2022
    risk 0.42cvss 6.5epss 0.01

    The Admin Management Xtended WordPress plugin before 2.4.5 does not have CSRF checks in some of its AJAX actions, allowing attackers to make a logged users with the right capabilities to call them. This can lead to changes in post status (draft, published), slug, post date,…

  • CVE-2025-62965MedOct 27, 2025
    risk 0.36cvss 5.5epss 0.00

    Missing Authorization vulnerability in wpseek Admin Management Xtended admin-management-xtended allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin Management Xtended : from n/a through <= 2.5.1.

  • CVE-2015-9390MedSep 20, 2019
    risk 0.28cvss 4.3epss 0.01

    The admin-management-xtended plugin before 2.4.0.1 for WordPress has privilege escalation because wp_ajax functions are mishandled.

  • CVE-2022-29450MedJun 15, 2022
    risk 0.00cvss 5.4epss 0.00

    Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Admin Management Xtended plugin <= 2.4.4 at WordPress.