cleantalk
Vulnerabilities and Security Researches

Church Admin, 5847628d-0607-4921-b97c-0463f1346a48

CVE, Research URL

5847628d-0607-4921-b97c-0463f1346a48

Home page URL

Security reports for Church Admin

Application

Church Admin

Published on
-
Research Description
Church Admin [church-admin] < 0.565 Church Admin 0.33.2.1 - Unauthenticated Directory Traversal The &quot;key&quot; parameter of download.php from plugins/church-admin/display/download.php is not sanitized and is vulnerable to a directory traversal type of attack.
Affected versions
max 0.565.
Status
vulnerable
Previous vulnerability researches
Church Admin (5847628d-0607-4921-b97c-0463f1346a48) , Jun 16, 2026
Church Admin (f573ca10-6a07-401a-b98b-85bfa328fab2) , Jun 16, 2026
Church Admin (8f760398227dcc9584cb74c875c7848453372a46) , Jun 16, 2026
Church Admin (af7a78cdab0b5b975cebde04c3bbbe0b01665875) , Jun 16, 2026
Church Admin (CVE-2025-39555) , Apr 18, 2025
New vulnerability
Funnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create Sales Funnels, Order Bumps &amp; One (CVE-2026-56052) , Jun 26, 2026
Cornerstone (CVE-2026-9710) , Jun 26, 2026
Cornerstone (CVE-2026-9709) , Jun 26, 2026
Essential Blocks – Page Builder Gutenberg Blocks, Patterns &amp; Templates (CVE-2026-10833) , Jun 26, 2026
Post Duplicator (CVE-2026-10749) , Jun 26, 2026