Skip to main content

Admin Columns

3 CVEs product

Monthly

CVE-2021-24365 MEDIUM POC This Month

The Admin Columns WordPress plugin Free before 4.3.2 and Pro before 5.5.2 allowed to configure individual columns for tables. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Admin Columns
NVD WPScan
CVSS 3.1
5.4
EPSS
0.9%
CVE-2021-24366 MEDIUM POC This Month

The Admin Columns WordPress plugin before 4.3 and Admin Columns Pro WordPress plugin before 5.5.1 do not sanitise and escape its Label settings, which could allow high privilege users such as admin. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Admin Columns
NVD GitHub WPScan
CVSS 3.1
5.4
EPSS
1.0%
CVE-2019-17661 HIGH POC This Week

A CSV injection in the codepress-admin-columns (aka Admin Columns) plugin 3.4.6 for WordPress allows malicious users to gain remote control of other computers. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Microsoft WordPress Admin Columns
NVD
CVSS 3.1
8.8
EPSS
2.4%
EPSS 1% CVSS 5.4
MEDIUM POC This Month

The Admin Columns WordPress plugin Free before 4.3.2 and Pro before 5.5.2 allowed to configure individual columns for tables. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Admin Columns
NVD WPScan
EPSS 1% CVSS 5.4
MEDIUM POC This Month

The Admin Columns WordPress plugin before 4.3 and Admin Columns Pro WordPress plugin before 5.5.1 do not sanitise and escape its Label settings, which could allow high privilege users such as admin. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Admin Columns
NVD GitHub WPScan
EPSS 2% CVSS 8.8
HIGH POC This Week

A CSV injection in the codepress-admin-columns (aka Admin Columns) plugin 3.4.6 for WordPress allows malicious users to gain remote control of other computers. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Microsoft WordPress +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy