Davidvongries Ultimate Dashboard Custom Wordpress Dashboard vulnerabilities
2 known vulnerabilities affecting davidvongries/ultimate_dashboard_custom_wordpress_dashboard.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2025-2276MEDIUMCVSS 4.3≤ 3.8.72025-03-26
CVE-2025-2276 [MEDIUM] CWE-862 CVE-2025-2276: The Ultimate Dashboard – Custom WordPress Dashboard plugin for WordPress is vulnerable to unauthoriz
The Ultimate Dashboard – Custom WordPress Dashboard plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the handle_module_actions function in all versions up to, and including, 3.8.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to activate/deactiva
cvelistv5nvd
CVE-2023-4726MEDIUMCVSS 4.8≤ 3.7.72023-11-22
CVE-2023-4726 [MEDIUM] CWE-79 CVE-2023-4726: The Ultimate Dashboard plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin s
The Ultimate Dashboard plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 3.7.7. due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that
cvelistv5nvd