Server-Side Request Forgery (SSRF) vulnerability in Church Admin.This issue affects Church Admin: from n/a through 4.3.6.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required High

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00124.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Church Admin Project Subscribe
Church Admin Subscribe

Configuration 1 [-]

cpe:2.3:a:church_admin_project:church_admin:*:*:*:*:*:wordpress:*:*

No data.

No data.

Advisories
Source ID Title
EUVD EUVD EUVD-2024-35398 Server-Side Request Forgery (SSRF) vulnerability in Church Admin.This issue affects Church Admin: from n/a through 4.3.6.
Fixes

Solution

Update to 4.4.0 or a higher version.

Workaround

No workaround given by the vendor.

References
Link Providers
https://patchstack.com/database/vulnerability/church-admin/wordpress-church-admin-plugin-4-3-6-server-side-request-forgery-ssrf-vulnerability?_s_id=cve cve-icon cve-icon cve-icon
History

Wed, 21 Jan 2026 21:45:00 +0000

Type Values Removed Values Added
First Time appeared Church Admin Project
Church Admin Project church Admin
CPEs cpe:2.3:a:church_admin_project:church_admin:*:*:*:*:*:wordpress:*:*
Vendors & Products Church Admin Project
Church Admin Project church Admin

Tue, 15 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00086}

 epss

{'score': 0.00089}

Sat, 12 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00067}

 epss

{'score': 0.00086}

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: Patchstack

Published:

Updated: 2024-08-02T03:14:53.461Z

Reserved: 2024-05-17T10:07:37.225Z

Link: CVE-2024-35637

cve-icon Vulnrichment

Updated: 2024-08-02T03:14:53.461Z

cve-icon NVD

Status : Analyzed

Published: 2024-06-03T09:15:09.390

Modified: 2026-01-21T21:36:26.980

Link: CVE-2024-35637

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses