CVE-2015-9390
The admin-management-xtended plugin before 2.4.0.1 for WordPress has privilege escalation because wp_ajax functions are mishandled.
Date published : 2019-09-20
https://security.szurek.pl/admin-management-xtended-240-privilege-escalation.html