Skip to main content

Controlled Admin Access

2 CVEs product

Monthly

CVE-2021-4360 CRITICAL POC Act Now

The Controlled Admin Access plugin for WordPress is vulnerable to Privilege Escalation in versions up to, and including, 1.5.5 by not properly restricting access to the configuration page. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Privilege Escalation WordPress Controlled Admin Access
NVD WPScan
CVSS 3.1
9.9
EPSS
0.1%
CVE-2021-24215 CRITICAL POC Act Now

An Improper Access Control vulnerability was discovered in the Controlled Admin Access WordPress plugin before 1.5.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress PHP Authentication Bypass Controlled Admin Access
NVD WPScan
CVSS 3.1
9.8
EPSS
9.7%
EPSS 0% CVSS 9.9
CRITICAL POC Act Now

The Controlled Admin Access plugin for WordPress is vulnerable to Privilege Escalation in versions up to, and including, 1.5.5 by not properly restricting access to the configuration page. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Privilege Escalation WordPress +1
NVD WPScan
EPSS 10% CVSS 9.8
CRITICAL POC Act Now

An Improper Access Control vulnerability was discovered in the Controlled Admin Access WordPress plugin before 1.5.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress PHP Authentication Bypass +1
NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy