cleantalk
Vulnerabilities and Security Researches

Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More, CVE-2019-25213

CVE, Research URL

CVE-2019-25213

Home page URL

Security reports for Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More

Application

Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More

Published on
Oct 16, 2024
Research Description
The Advanced Access Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Read in versions up to, and including, 5.9.8.1 due to insufficient validation on the aam-media parameter. This allows unauthenticated attackers to read any file on the server, including sensitive files such as wp-config.php
Affected versions
max 5.9.9.
Status
vulnerable
Previous vulnerability researches
Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More (CVE-2019-25213) , Oct 17, 2024
Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More (CVE-2021-24830) , Jun 07, 2024
Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More (CVE-2020-35935) , Jun 07, 2024
Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More (CVE-2020-35934) , Jun 07, 2024
Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More (CVE-2014-6059) , Jun 07, 2024
New vulnerability
WordPress Plugin for Google Maps – WP MAPS (CVE-2026-6381) , May 19, 2026
BuddyPress (CVE-2020-37233) , May 19, 2026
Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More (CVE-2026-42674) , May 19, 2026
Anti-Malware Security and Brute-Force Firewall (CVE-2021-47977) , May 19, 2026
Pricing Table by Supsystic (CVE-2020-37243) , May 19, 2026