getgrav Grav Plugin Admin Vulnerabilities

Getgrav Grav-plugin-admin vulnerabilities.

JSON RSS CSV 🔔 Create Alert Trigger

13 April 2021

Plugins can be installed with minimal admin privileges
CVE-2021-29439
GetgravGrav-plugin-admin7.2HIGH

7 April 2021

Unauthenticated Arbitrary YAML Write/Update leads to Code Execution
CVE-2021-21425
GetgravGrav-plugin-admin👾🟡EPSS 91%9.3CRITICAL