Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Frontend Admin by DynamiApps — Vulnerabilities & Security Advisories 13

All 13 CVE vulnerabilities found in Frontend Admin by DynamiApps, with AI-generated Chinese analysis, references, and POCs.

Vendor: Shabti Kaplan

CVE IDTitleCVSSSeverityPublished
CVE-2026-3328 Frontend Admin by DynamiApps <= 3.28.31 - Authenticated (Editor+) PHP Object Injection via 'post_content' of Admin Form Posts CWE-502 7.2 High2026-03-26
CVE-2025-14741 Frontend Admin by DynamiApps <= 3.28.25 - Missing Authorization to Unauthenticated Arbitrary Data Deletion via 'delete post' Form Element CWE-862 9.1 Critical2026-01-09
CVE-2025-14937 Frontend Admin by DynamiApps <= 3.28.23 - Unauthenticated Stored Cross-Site Scripting via 'update_field' CWE-79 7.2 High2026-01-09
CVE-2025-14736 Frontend Admin by DynamiApps <= 3.28.29 - Unauthenticated Privilege Escalation to Administrator via Role Form Field CWE-269 9.8 Critical2026-01-09
CVE-2025-13342 Frontend Admin by DynamiApps <= 3.28.20 - Unauthenticated Arbitrary Options Update CWE-862 9.8 Critical2025-12-03
CVE-2025-49267 WordPress Frontend Admin by DynamiApps plugin <= 3.28.3 - SQL Injection vulnerability CWE-89 8.5 High2025-08-14
CVE-2025-49303 WordPress Frontend Admin by DynamiApps plugin <= 3.28.7 - Arbitrary File Download Vulnerability CWE-22 6.8 Medium2025-07-04
CVE-2025-26987 WordPress Frontend Admin by DynamiApps plugin <= 3.25.17 - Reflected Cross Site Scripting (XSS) vulnerability CWE-79 7.1 High2025-02-25
CVE-2024-11722 Frontend Admin by DynamiApps <= 3.25.1 - Unauthenticated SQL Injection CWE-89 5.9 Medium2024-12-21
CVE-2024-11721 Frontend Admin by DynamiApps <= 3.24.5 - Unauthenticated Privilege Escalation CWE-269 8.1 High2024-12-14
CVE-2024-11720 Frontend Admin by DynamiApps <= 3.24.5 - Unauthenticated Stored Cross-Site Scripting CWE-79 7.2 High2024-12-14
CVE-2024-3729 Frontend Admin by DynamiApps <= 3.19.4 - Improper Missing Encryption Exception Handling to Form Manipulation CWE-636 9.8 Critical2024-05-02
CVE-2023-51411 WordPress Frontend Admin by DynamiApps Plugin <= 3.18.3 is vulnerable to Arbitrary File Upload CWE-434 10.0 Critical2023-12-29

All 13 known CVE vulnerabilities affecting Frontend Admin by DynamiApps with full Chinese analysis, references, and POCs where available.