Security Overview · getgrav/grav-plugin-admin · GitHub

Security

No security policy detected

This project has not set up a SECURITY.md file yet.

Plugins can be installed with minimal admin privileges
GHSA-wg37-cf5x-55hq published Apr 13, 2021 by rhukster

High
Unauthenticated Arbitrary YAML Write/Update leads to Code Execution
GHSA-6f53-6qgv-39pj published Apr 6, 2021 by rhukster

Critical
Base64 path allows deletion of arbitrary files in media/file fields
GHSA-945r-cjfm-642c published Dec 10, 2020 by rhukster

Moderate
Vulnerability in backup file retrieval that can delete arbitrary files
GHSA-85r3-mf4x-qp8f published Dec 10, 2020 by rhukster

Moderate
Vulnerability in backup file retrieval that can expose arbitrary files
GHSA-vrvq-2pxg-rw5r published Dec 10, 2020 by rhukster

Moderate

Learn more about advisories related to getgrav/grav-plugin-admin in the GitHub Advisory Database