Advanced Access Manager – Access Governance for WordPress

Vulnerabilities 16Slug advanced-access-managerLatest version 7.1.1WordPress.org →

Minimum safe version

6.9.21

Update to 6.9.21 or later to address 16 fixable vulnerabilities

Latest available7.1.1 ✓

Critical 9.8

2024-10-16< 5.9.9

CVE-2019-25213

CVE

High 7.1

2024-03-20< 6.9.21

Advanced Access Manager <= 6.9.20 - Reflected Cross-Site Scripting

Wordfence CVE Patchstack WPScan

Medium 5.9

2024-03-19< 6.9.21

CVE-2024-29124

CVE Wordfence Patchstack WPScan

Medium 6.5

2024-12-26< 6.9.16

WordPress Advanced Access Manager Plugin <= 6.9.15 is vulnerable to Cross Site Scripting (XSS)

Patchstack CVE Wordfence WPScan

Medium 4.7

2024-12-27< 6.9.19

WordPress Advanced Access Manager Plugin <= 6.9.18 is vulnerable to Open Redirection

Patchstack CVE Wordfence WPScan

Medium 6.5

2024-12-27< 6.9.19

WordPress Advanced Access Manager Plugin <= 6.9.18 is vulnerable to Cross Site Scripting (XSS)

Patchstack CVE Wordfence WPScan

N/A

2016-06-21< 3.2.2

Advanced Access Manager <= 3.2.1 - Unrestricted AJAX Actions allowing Privilege Escalation

Wordfence

N/A

2019-09-09< 5.9.9

Advanced Access Manager <= 5.9.8.1 - Unauthenticated Arbitrary File Read

Wordfence

N/A

< 3.2.2

Advanced Access Manager <= 3.2.1 - Privilege Escalation

WPScan

N/A

< 5.9.9

Advanced Access Manager < 5.9.9 - Unauthenticated Local File Inclusion

WPScan

N/A

2016-06-21< 3.2.2

WordPress Advanced Access Manager Plugin <= 3.3 - Unrestricted File Upload

Patchstack

N/A

2019-09-09< 5.9.9

WordPress Advanced Access Manager plugin <= 5.9.8.1 - Arbitrary File Access/Download vulnerability

Patchstack

High 7.2

2020-01-13< 2.8.3

CVE-2014-6059

CVE Patchstack Wordfence WPScan

High 8.8

2021-01-01< 6.6.2

CVE-2020-35935

CVE Wordfence Patchstack WPScan

Medium 4.3

2021-01-01< 6.6.2

CVE-2020-35934

CVE Wordfence Patchstack WPScan

Medium 4.8

2021-11-23< 6.8.0

CVE-2021-24830

CVE Patchstack Wordfence WPScan