cleantalk
Vulnerabilities and Security Researches

WP Admin UI Customize, CVE-2024-53278

CVE, Research URL

CVE-2024-53278

Home page URL

Security reports for WP Admin UI Customize

Application

WP Admin UI Customize

Published on
Nov 26, 2024
Research Description
Cross-site scripting vulnerability exists in WP Admin UI Customize versions prior to ver 1.5.14. If a malicious admin user customizes the admin screen with some malicious contents, an arbitrary script may be executed on the web browser of the other users who are accessing the admin screen.
Affected versions
Min -, max 1.5.14.
Status
vulnerable
Previous vulnerability researches
WP Admin UI Customize (CVE-2024-53278) , Nov 28, 2024
WP Admin UI Customize (CVE-2022-3824) , Jun 07, 2024
New vulnerability
Post Rating and Review (CVE-2025-6538) , Jun 27, 2025
WP Masonry & Infinite Scroll (CVE-2025-5488) , Jun 27, 2025
Modern Design Library (CVE-2025-5842) , Jun 27, 2025
FastBook – Responsive Appointment Booking and Scheduling System (CVE-2025-25173) , Jun 27, 2025
Zapier for WordPress (CVE-2025-50010) , Jun 27, 2025