Advanced Access Manager – Access Governance for WordPress WordPress Plugin Security Vulnerabilities | WPScan

11

March 8, 2026

100000

Published

2024-03-20

Title

Advanced Access Manager < 6.9.21 - Reflected XSS

Fixed in

Fixed in 6.9.21

CVSS

7.1 (high)

Published

2024-03-16

Title

Advanced Access Manager < 6.9.21 - Admin+ Stored Cross-Site Scripting

Fixed in

Fixed in 6.9.21

CVSS

5.5 (medium)

Published

2023-12-27

Title

Advanced Access Manager < 6.9.19 - Contributor+ Stored XSS

Fixed in

Fixed in 6.9.19

CVSS

5.9 (medium)

Published

2023-12-27

Title

Advanced Access Manager < 6.9.19 - Open Redirect

Fixed in

Fixed in 6.9.19

CVSS

4.3 (medium)

Published

2023-12-26

Title

Advanced Access Manager < 6.9.16 - Contributor+ Stored XSS

Fixed in

Fixed in 6.9.16

CVSS

5.9 (medium)

Published

2021-10-19

Title

Advanced Access Manager < 6.8.0 - Admin+ Stored Cross-Site Scripting

Fixed in

Fixed in 6.8.0

CVSS

3.5 (low)

Published

2020-08-20

Title

Advanced Access Manager < 6.6.2 - Authenticated Authorization Bypass and Privilege Escalation

Fixed in

Fixed in 6.6.2

CVSS

7.5 (high)

Published

2020-08-20

Title

Advanced Access Manager < 6.6.2 - Authenticated Information Disclosure

Fixed in

Fixed in 6.6.2

CVSS

4.3 (medium)

Published

2019-09-05

Title

Advanced Access Manager < 5.9.9 - Unauthenticated Local File Inclusion

Fixed in

Fixed in 5.9.9

CVSS

9.1 (critical)

Published

2016-06-21

Title

Advanced Access Manager <= 3.2.1 - Privilege Escalation

Fixed in

Fixed in 3.2.2

CVSS

n/a

Published

2014-09-27

Title

Advanced Access Manager 2.8.2 - Admin User File Read/Write

Fixed in

Fixed in 2.8.3

CVSS

7.2 (high)