Andy Moyle Church Admin vulnerabilities
23 known vulnerabilities affecting andy_moyle/church_admin.
Total CVEs
23
CISA KEV
0
Public exploits
0
Exploited in wild
5
Severity breakdown
CRITICAL2HIGH2MEDIUM18LOW1
Vulnerabilities
Page 2 of 2
CVE-2024-32090P4MEDIUMCVSS 4.3≤ 4.0.272024-04-15
CVE-2024-32090 [MEDIUM] CWE-352 CVE-2024-32090: Cross-Site Request Forgery (CSRF) vulnerability in andy_moyle Church Admin church-admin.This issue a
Cross-Site Request Forgery (CSRF) vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.0.27.
nvd
CVE-2024-30493P4MEDIUMCVSS 4.3≤ 4.1.72024-03-29
CVE-2024-30493 [MEDIUM] CWE-352 CVE-2024-30493: Cross-Site Request Forgery (CSRF) vulnerability in andy_moyle Church Admin church-admin.This issue a
Cross-Site Request Forgery (CSRF) vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.1.7.
nvd
CVE-2026-0682P4LOWCVSS 2.2≤ 5.0.282026-01-17
CVE-2026-0682 [LOW] CWE-918 CVE-2026-0682: The Church Admin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions u
The Church Admin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.0.28 due to insufficient validation of user-supplied URLs in the 'audio_url' parameter. This makes it possible for authenticated attackers, with Administrator-level access, to make web requests to arbitrary locations originating from
nvd
← Previous2 / 2