Vulnerabilities > Cusmin > Absolutely Glamorous Custom Admin > 6.8

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-01	CVE-2021-24944	Cross-site Scripting vulnerability in Cusmin Absolutely Glamorous Custom Admin The Custom Dashboard & Login Page WordPress plugin before 7.0 does not sanitise some of its settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. network cusmin CWE-79	3.5
2021-09-23	CVE-2021-36823	Cross-site Scripting vulnerability in Cusmin Absolutely Glamorous Custom Admin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cusmin AGCA - Absolutely Glamorous Custom Admin (WordPress plugin) allows Stored XSS.This issue affects AGCA - Absolutely Glamorous Custom Admin (WordPress plugin): from n/a through 6.8. network low complexity cusmin CWE-79	8.2

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.