Vulnerabilities > Admincolumns

DATE CVE VULNERABILITY TITLE RISK
2021-07-12 CVE-2021-24365 Cross-site Scripting vulnerability in Admincolumns Admin Columns
The Admin Columns WordPress plugin Free before 4.3.2 and Pro before 5.5.2 allowed to configure individual columns for tables.
3.5
2021-06-21 CVE-2021-24366 Unspecified vulnerability in Admincolumns Admin Columns
The Admin Columns WordPress plugin before 4.3 and Admin Columns Pro WordPress plugin before 5.5.1 do not sanitise and escape its Label settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
network
low complexity
admincolumns
5.4
2019-11-08 CVE-2019-17661 Improper Neutralization of Formula Elements in a CSV File vulnerability in Admincolumns Admin Columns 3.4.6
A CSV injection in the codepress-admin-columns (aka Admin Columns) plugin 3.4.6 for WordPress allows malicious users to gain remote control of other computers.
network
low complexity
admincolumns CWE-1236
8.8