Frontend Admin by DynamiApps

Shabti Kaplan

Developer

3.28.33

Latest version

10,000

Installations

No date

Last updated

WordPress Plugin

No VDP

Claim ownership

Report vulnerability

Vulnerabilities

Security Contributors

Vulnerability history

0 present

16 patched

14 Mitigation rules

Authenticated (Editor+) PHP Object Injection via 'post_content' of Admin Form Posts vulnerability
<= 3.28.31
3 days ago
Unauthenticated Privilege Escalation vulnerability
<= 3.24.5
03/02/2026
Unauthenticated Stored Cross-Site Scripting vulnerability
<= 3.24.5
03/02/2026
Unauthenticated Stored Cross-Site Scripting via 'update_field' vulnerability
<= 3.28.23
09/01/2026
Unauthenticated Privilege Escalation to Administrator via Role Form Field vulnerability
<= 3.28.25
09/01/2026
Missing Authorization to Unauthenticated Arbitrary Data Deletion via 'delete post' Form Element vulnerability
<= 3.28.25
09/01/2026
Unauthenticated Arbitrary Options Update vulnerability
<= 3.28.20
03/12/2025
SQL Injection vulnerability
<= 3.28.3
12/08/2025
Arbitrary File Download Vulnerability
<= 3.28.7
26/06/2025
Reflected Cross Site Scripting (XSS) vulnerability
<= 3.25.17
23/02/2025
Unauthenticated SQL Injection vulnerability
<= 3.25.1
20/12/2024
Improper Missing Encryption Exception Handling to Form Manipulation vulnerability
<= 3.19.4
22/04/2024
Unauthenticated Arbitrary File Upload vulnerability
<= 3.18.3
27/12/2023
Reflected Cross Site Scripting (XSS) vulnerability
<= 3.7.11
19/07/2023
Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
< 3.3.33
28/02/2022
Sensitive Information Disclosure vulnerability
< 3.3.33
28/02/2022