Low 2.2
2026-01-17< 5.0.29
Church Admin <= 5.0.28 - Authenticated (Administrator+) Blind Server-Side Request Forgery via 'audio_url' Parameter
Church Admin
Minimum safe version
5.0.29
Update to 5.0.29 or later to address 31 fixable vulnerabilities
Latest available5.0.31 ✓
Medium 5.3
2025-08-22< 5.0.27
CVE-2025-57896
Medium 4.3
2025-09-09< 5.0.10
CVE-2025-39553
Medium 6.5
2025-04-16< 5.0.24
CVE-2025-39555
Critical 9.3
2025-03-26< 5.0.19
CVE-2025-26941
Medium 5.3
2024-12-06< 5.0.9
CVE-2024-53795
High 7.1
2024-10-28< 5.0.0
CVE-2024-50438
Critical 9.9
2024-07-09< 4.4.7
CVE-2024-37418
Medium 4.3
2024-11-01< 4.4.5
CVE-2024-37440
Medium 6.5
2024-06-21< 4.4.5
CVE-2024-35764
Medium 4.4
2024-06-03< 4.4.0
CVE-2024-35637
Medium 4.3
2024-05-10< 4.2.0
CVE-2024-34828
Medium 4.3
2024-04-15< 4.0.28
CVE-2024-32090
Medium 6.3
2024-05-17< 4.1.7
CVE-2024-31281
Critical 9.9
2024-04-07< 4.1.6
CVE-2024-31280
Medium 4.3
2024-03-29< 4.1.8
CVE-2024-30493
Medium 5.4
2024-03-29< 4.1.19
CVE-2024-30505
High 8.5
2024-03-28< 4.0.28
CVE-2024-30244
Medium 6.5
2024-03-27< 4.0.27
CVE-2024-30197
Medium 6.5
2024-03-27< 4.1.18
CVE-2024-30193
Medium 5.5
2023-11-13< 3.8.0
CVE-2023-38515
High 7.1
2023-06-23< 3.7.30
CVE-2023-34021
High 7.1
2023-08-16< 3.7.6
CVE-2023-30782
N/A
< 0.4.3
Church Admin <= 0.4.2 - Cross-Site Scripting (XSS)
N/A
< 0.565
Church Admin 0.33.2.1 - Unauthenticated Directory Traversal
N/A
2014-08-01< 0.33.4.6
WordPress Church Admin Plugin <= 0.33.4.5 - Cross Site Scripting
N/A
2012-07-06< 0.33.4.6
WordPress Church Admin Plugin - Cross Site Scripting
N/A
2018-01-10< 0.565
WordPress Church Admin plugin <=0.564 - Unauthenticated Directory Traversal vulnerability
Medium 4.3
2022-03-28< 3.4.135
CVE-2022-0833
N/A
2015-05-28< 0.810
CVE-2015-4127
High 8.8
2019-08-16< 1.2550
CVE-2018-20971