CNNVD-202602-1276 Information
CNNVD ID
CNNVD-202602-1276
Related CVE
- CNNVD Published: 2026-02-09
Description (Chinese)
Adminer是Adminer开源的一个 WordPress 插件。允许 WordPress 管理员快速进行数据库管理。 Adminer 2.2.1之前版本存在访问控制错误漏洞,该漏洞源于Adminer路由无需Shopware管理员身份验证即可访问,可能导致未授权访问。
Description (English)
Adminer is a WordPress plugin from Adminer Open Source. Allows WordPress administrator to quickly manage the database. The previous version of Adminer 2.2.1 had an access control error gap, which stemmed from the fact that the Adminer route could be accessed without the identification of the Shopware administrator and could lead to unauthorized access.
Vulnerability Type
访问控制错误
Affected Vendor
Adminer
Published
2026-02-09
Last Modified
2026-02-24
References
https://github.com/FriendsOfShopware/FroshPlatformAdminer/commit/c4dd6c3462af178b3a7d146d3c651c2c253e902b https://github.com/FriendsOfShopware/FroshPlatformAdminer/releases/tag/2.2.1 https://github.com/FriendsOfShopware/FroshPlatformAdminer/security/advisories/GHSA-f339-246p-wwjp
Patch
https://github.com/FriendsOfShopware/FroshPlatformAdminer/releases
Share on: