Skip to main content

Frontend Admin

5 CVEs product

Monthly

CVE-2024-11722 MEDIUM PATCH This Month

The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter in all versions up to, and including, 3.25.1 due to insufficient escaping on the user. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

SQLi WordPress Frontend Admin
NVD
CVSS 3.1
5.9
EPSS
0.6%
CVE-2024-11721 HIGH PATCH This Week

The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.24.5. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation WordPress Frontend Admin
NVD
CVSS 3.1
8.1
EPSS
0.5%
CVE-2024-11720 MEDIUM PATCH This Month

The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via submission forms in all versions up to, and including, 3.24.5 due to insufficient input. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

WordPress XSS Frontend Admin
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-3729 CRITICAL PATCH Act Now

The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to improper missing encryption exception handling on the 'fea_encrypt' function in all versions up to, and including, 3.19.4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Privilege Escalation PHP WordPress Authentication Bypass OpenSSL +1
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-51411 CRITICAL Act Now

Unrestricted Upload of File with Dangerous Type vulnerability in Shabti Kaplan Frontend Admin by DynamiApps.18.3. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload Frontend Admin
NVD
CVSS 3.1
10.0
EPSS
0.7%
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter in all versions up to, and including, 3.25.1 due to insufficient escaping on the user. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

SQLi WordPress Frontend Admin
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.24.5. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation WordPress Frontend Admin
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via submission forms in all versions up to, and including, 3.24.5 due to insufficient input. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

WordPress XSS Frontend Admin
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to improper missing encryption exception handling on the 'fea_encrypt' function in all versions up to, and including, 3.19.4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Privilege Escalation PHP WordPress +3
NVD
EPSS 1% CVSS 10.0
CRITICAL Act Now

Unrestricted Upload of File with Dangerous Type vulnerability in Shabti Kaplan Frontend Admin by DynamiApps.18.3. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload Frontend Admin
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy