wpruby controlled_admin_access CVE Vulnerabilities (2)

CVEs: 2 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities affecting wpruby controlled_admin_access (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

CVE	Summary	Source	Max CVSS	EPSS %	Published	Updated
CVE-2021-4360	The Controlled Admin Access plugin for WordPress is vulnerable to Privilege Escalation in versions up to, and including, 1.5.5 by not properly restricting access to the configuration page. This makes it possible for attackers to create a new administrator role with unrestricted access.	[email protected]	9.9	0.10%	2023-06-07	2026-04-08
CVE-2021-24215	An Improper Access Control vulnerability was discovered in the Controlled Admin Access WordPress plugin before 1.5.2. Uncontrolled access to the website customization functionality and global CMS settings, like /wp-admin/customization.php and /wp-admin/options.php, can lead to a complete compromise of the target resource.	[email protected]	9.8	54.59%	2021-04-12	2024-11-21

cvelogic Threat Intelligence