Is "Advanced Access Manager" safe?
WordPress Plugin security and safety information.
Rating: Good (current version safe)
Recommendations
Advanced Access Manager: Plugin Details
| Type: | Plugin |
| Author: | vasyltech |
| URL: | https://wordpress.org/plugins/advanced-access-manager/ |
| Latest Version: | 6.9.46 |
Advanced Access Manager: Security Information
| Insecure versions: | Up To 6.9.20 |
| Known since: | 2024-03-22 02:00:17 |
| Insecure versions: | Up To 6.9.18 |
| Known since: | 2024-01-05 02:00:10 |
| Insecure versions: | Up To 6.9.18 |
| Known since: | 2024-01-05 02:00:09 |
| Insecure versions: | Up To 6.9.15 |
| Known since: | 2024-01-05 02:00:08 |
| Insecure versions: | Up To 6.7.9 |
| Known since: | 2021-10-21 19:05:16 |
| Insecure versions: | Up To 5.9.8.1 |
| Known since: | 2020-08-20 15:44:15 |
| Description: | Advanced Access Manager before Version 5.9.9 allows reading arbitrary files without checking whether a user is allowed to read the given file. |
| Insecure versions: | Up To 6.6.1 |
| Known since: | 2020-08-20 15:42:52 |
| Description: | The plugin’s aam/v1/authenticate and aam/v2/authenticate REST endpoints were set to respond to a successful login with a json-encoded copy of all metadata about the user, potentially exposing users’ information to an attacker or low-privileged user. |
| Insecure versions: | Up To 6.6.1 |
| Known since: | 2020-08-20 15:14:17 |
| Description: | A low-privileged user could assign themselves or switch to any role with an equal or lesser user level, or any role that did not have an assigned user level. |
| Insecure versions: | Up To 3.2.1 |
| Known since: | 2016-06-27 20:58:44 |
| Insecure versions: | Up To 3.2.1 |
| Known since: | 2016-06-27 20:58:44 |
Advanced Access Manager: Safety Recommendations
We have rated Advanced Access Manager as Good (current version safe) which means that we have found vulnerabilities in older versions.
We recommend that you only use the latest version of Advanced Access Manager.
Advanced Access Manager: Staying Up-to-date
Make sure your installation of Advanced Access Manager is safe with the following free Jetpack services for WordPress sites:
- Updates & Management
Turn on auto-updates for Advanced Access Manager or manage in bulk. - Prevent Infiltrations
Automatic protection against brute force attacks and secure sign on.
Advanced Access Manager: Keeping Safe
If you're running a business, ecommerce, news, or other critical website, Jetpack also provides additional indispensable services:
- Automated Backups
Full backup of your entire site with unlimited storage space. - Restores & Migrations
Restore or migrate your site from a backup with one click. - Security Scanning
Regular, automated scans of your site for malware, threats, and hacks. - Expert Support
Fast, priority support for any WordPress security issue.
About this information
This WordPress security information is part of our security library and is brought to you by Jetpack as part of our committment to a safer WordPress experience.
If you have any questions, please do not hesitate to contact us.
Jetpack 