CMS Commander – Manage Multiple Sites

Vulnerabilities 4Slug cms-commander-clientLatest version 2.288WordPress.org →Closed
N/A Unfixed Closed
2026-03-20≤ 2.288

CMS Commander <= 2.288 - Authenticated (Custom+) SQL Injection via 'or_blogname' Parameter

WordfenceCVE
N/A Closed
2016-06-01< 2.22

CMS Commander – Manage Multiple Sites Plugin <= 2.21 - PHP Object Injection

Wordfence
N/A Closed
< 2.22

CMS Commander Client &lt;= 2.21 - Unauthenticated PHP Object Injection

WPScan