Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

andy_moyle — Vulnerabilities & Security Advisories 21

Browse all 21 CVE security advisories affecting andy_moyle. AI-powered Chinese analysis, POCs, and references for each vulnerability.

andy_moyle primarily develops and maintains open-source web frameworks and utility libraries, serving as foundational infrastructure for numerous enterprise applications. Historical vulnerability records indicate a prevalence of server-side request forgery (SSRF), cross-site scripting (XSS), and improper access control issues, reflecting the complexity of handling external inputs and user permissions within dynamic web environments. Among the twenty-one recorded Common Vulnerabilities and Exposures (CVEs), several instances highlight critical remote code execution risks stemming from deserialization flaws and inadequate input sanitization. These incidents underscore the inherent challenges in securing widely adopted, flexible codebases that interact with diverse third-party services. The security profile suggests a pattern where complex integration points and legacy code paths contribute to exploitable conditions, necessitating rigorous static analysis and continuous monitoring to mitigate potential breaches in dependent systems.

Top products by andy_moyle: Church Admin Emergency Password Reset
CVE IDTitleCVSSSeverityPublished
CVE-2026-0682 Church Admin <= 5.0.28 - Authenticated (Administrator+) Blind Server-Side Request Forgery via 'audio_url' Parameter — Church AdminCWE-918 2.2 Low2026-01-17
CVE-2025-57942 WordPress Emergency Password Reset plugin <= 9.3 - Cross Site Request Forgery (CSRF) vulnerability — Emergency Password ResetCWE-352 4.3 Medium2025-09-22
CVE-2025-39553 WordPress Church Admin plugin <= 5.0.9 - Sensitive Data Exposure vulnerability — Church AdminCWE-862 4.3 Medium2025-09-09
CVE-2025-57896 WordPress Church Admin Plugin <= 5.0.26 - Broken Access Control Vulnerability — Church AdminCWE-862 5.3 Medium2025-08-22
CVE-2025-39555 WordPress Church Admin plugin <= 5.0.23 - Cross Site Scripting (XSS) vulnerability — Church AdminCWE-79 6.5 Medium2025-04-16
CVE-2025-26941 WordPress Church Admin plugin <= 5.0.18 - SQL Injection vulnerability — Church AdminCWE-89 9.3 Critical2025-03-26
CVE-2024-53795 WordPress Church Admin plugin <= 5.0.8 - Broken Access Control vulnerability — Church AdminCWE-862 5.3 Medium2024-12-06
CVE-2024-37440 WordPress Church Admin plugin <= 4.4.4 - Broken Access Control vulnerability — Church AdminCWE-862 4.3 Medium2024-11-01
CVE-2024-50438 WordPress Church Admin plugin < 5.0.0 - Reflected Cross Site Scripting (XSS) vulnerability — Church AdminCWE-79 7.1 High2024-10-28
CVE-2024-37418 WordPress Church Admin plugin <= 4.4.6 - Arbitrary File Upload vulnerability — Church AdminCWE-434 9.9 Critical2024-07-09
CVE-2024-35764 WordPress Church Admin plugin <= 4.4.4 - Cross Site Scripting (XSS) vulnerability — Church AdminCWE-79 6.5 Medium2024-06-21
CVE-2024-35637 WordPress Church Admin plugin <= 4.3.6 - Server Side Request Forgery (SSRF) vulnerability — Church AdminCWE-918 4.4 Medium2024-06-03
CVE-2024-31281 WordPress Church Admin plugin <= 4.1.6 - Broken Access Control vulnerability — Church AdminCWE-862 6.3 Medium2024-05-17
CVE-2024-34828 WordPress Church Admin plugin <= 4.1.32 - Cross Site Request Forgery (CSRF) vulnerability — Church AdminCWE-352 4.3 Medium2024-05-10
CVE-2024-32090 WordPress Church Admin plugin <= 4.0.27 - Cross Site Request Forgery (CSRF) vulnerability — Church AdminCWE-352 4.3 Medium2024-04-15
CVE-2024-31280 WordPress Church Admin plugin <= 4.1.5 - Arbitrary File Upload vulnerability — Church AdminCWE-434 9.9 Critical2024-04-07
CVE-2024-30505 WordPress Church Admin plugin <= 4.1.18 - Broken Access Control vulnerability — Church AdminCWE-862 5.4 Medium2024-03-29
CVE-2024-30493 WordPress Church Admin plugin <= 4.1.7 - Cross Site Request Forgery (CSRF) vulnerability — Church AdminCWE-352 4.3 Medium2024-03-29
CVE-2024-30244 WordPress Church Admin plugin <= 4.0.27 - SQL Injection via shortcode vulnerability — Church AdminCWE-89 8.5 High2024-03-28
CVE-2024-30193 WordPress Church Admin plugin <= 4.1.17 - Stored Cross Site Scripting (XSS) vulnerability — Church AdminCWE-79 6.5 Medium2024-03-27
CVE-2024-30197 WordPress Church Admin plugin <= 4.0.26 - Cross Site Scripting (XSS) vulnerability — Church AdminCWE-79 6.5 Medium2024-03-27

This page lists every published CVE security advisory associated with andy_moyle. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.