📦 Church Admin

This vulnerability allows attackers to upload arbitrary files, including web shells, to WordPress servers running the Church Admin plugin. Attackers can achieve remote code execution and full server c...

CVE-2024-31280 is an arbitrary file upload vulnerability in the WordPress Church Admin plugin that allows attackers to upload malicious files to vulnerable websites. This affects all versions up to 4....

Unauthenticated reflected cross-site scripting (XSS) vulnerability in the Church Admin WordPress plugin allows attackers to inject malicious scripts via crafted URLs. When users click malicious links,...

This CVE describes a missing authorization vulnerability in the Church Admin WordPress plugin that allows attackers to bypass access controls and perform unauthorized actions. It affects all versions ...

This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in the Church Admin WordPress plugin. It allows attackers to make the vulnerable server send unauthorized requests to internal or ...

This CVE describes a Missing Authorization vulnerability in the Church Admin WordPress plugin that allows attackers to exploit incorrectly configured access control security levels. It affects all ver...

This Cross-Site Request Forgery (CSRF) vulnerability in the Church Admin WordPress plugin allows attackers to trick authenticated administrators into performing unintended actions. It affects all Word...