Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 79 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2024-31118 WordPress SP Project & Document Manager plugin <= 4.70 - Broken Access Control to XSS vulnerability SmartypantsSP Project & Document Manager Medium 6.5 2026-02-17 15:04:26 Deep Dive
CVE-2020-37004 Ultimate Project Manager CRM PRO 2.0.5 - SQLi Credentials Leakage codexcubeUltimate Project Manager CRM PRO High 8.2 2026-01-29 14:28:29 Deep Dive
CVE-2025-68898 WordPress Synergy Project Manager plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability cjjparadoxmaxSynergy Project Manager--2026-01-22 16:52:12 Deep Dive
CVE-2025-68040 WordPress WP Project Manager plugin <= 3.0.1 - Sensitive Data Exposure vulnerability weDevsWP Project Manager Medium 6.5 2025-12-29 23:25:11 Deep Dive
CVE-2025-12496 Zephyr Project Manager <= 3.3.203 - Authenticated (Custom+) Arbitrary File Read And Server-Side Request Forgery dylanjkotzeZephyr Project Manager Medium 4.9 2025-12-17 07:21:01 Deep Dive
CVE-2025-8994 WP Project Manager <= 2.6.26 - Authenticated (Subscriber+) SQL Injection via 'completed_at_operator' wedevsProject Manager – AI Powered Project Management, Task Management, Kanban Board & Time Tracker Medium 6.5 2025-11-15 05:45:34 Deep Dive
CVE-2025-10490 Zephyr Project Manager <= 3.3.202 - Authenticated (Admin+) Stored Cross-Site Scripting dylanjkotzeZephyr Project Manager Medium 4.4 2025-09-26 06:43:30 Deep Dive
CVE-2025-58269 WordPress WP Project Manager Plugin <= 2.6.25 - Sensitive Data Exposure Vulnerability weDevsWP Project Manager Medium 5.3 2025-09-22 18:23:16 Deep Dive
CVE-2025-54714 WordPress Zephyr Project Manager Plugin <= 3.3.201 - Broken Access Control Vulnerability Dylan JamesZephyr Project Manager High 7.1 2025-08-28 12:37:35 Deep Dive
CVE-2025-8314 Software Issue Manager <= 5.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_msg Parameter emarket-designProject Management, Bug and Issue Tracking Plugin – Software Issue Manager Medium 6.4 2025-08-12 04:25:41 Deep Dive
CVE-2025-4987 Stored Cross-site Scripting (XSS) vulnerability affecting Opportunity Management in Project Portfolio Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x Dassault SystèmesProject Portfolio Manager High 8.7 2025-06-16 07:22:02 Deep Dive
CVE-2025-4985 Stored Cross-site Scripting (XSS) vulnerability affecting Risk Management in Project Portfolio Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x Dassault SystèmesProject Portfolio Manager High 8.7 2025-05-30 14:19:28 Deep Dive
CVE-2025-3855 CodeCanyon RISE Ultimate Project Manager Profile Picture save_profile_image resource injection CodeCanyonRISE Ultimate Project Manager Medium 4.3 2025-04-22 00:31:09 Deep Dive
CVE-2025-32526 WordPress Zephyr Project Manager plugin <= 3.3.101 - Cross Site Scripting (XSS) vulnerability Dylan JamesZephyr Project Manager High 7.1 2025-04-17 15:47:41 Deep Dive
CVE-2025-39552 WordPress Zephyr Project Manager plugin <= 3.3.200 - Broken Access Control Vulnerability Dylan JamesZephyr Project Manager Medium 5.4 2025-04-16 12:44:36 Deep Dive
CVE-2025-2541 WP Project Manager <= 2.6.22 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload wedevsProject Manager – AI Powered Project Management, Task Management, Kanban Board & Time Tracker Medium 6.4 2025-04-11 11:11:56 Deep Dive
CVE-2025-3100 WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts <= 2.6.22 - Authenticated (Subscriber+) Stored Cross-Site Scripting via SVG File Upload wedevsProject Manager – AI Powered Project Management, Task Management, Kanban Board & Time Tracker Medium 6.4 2025-04-09 04:21:20 Deep Dive
CVE-2025-32280 WordPress WP Project Manager plugin < 2.6.25 - Cross Site Request Forgery (CSRF) Vulnerability weDevsWP Project Manager Medium 4.3 2025-04-04 15:59:49 Deep Dive
CVE-2025-22649 WordPress WP Project Manager plugin <= 2.6.22 - Cross Site Scripting (XSS) vulnerability weDevsWP Project Manager Medium 5.9 2025-03-27 15:05:39 Deep Dive
CVE-2024-13500 WP Project Manager <= 2.6.17 - Authenticated (Subscriber+) SQL Injection via orderby Parameter wedevsProject Manager – AI Powered Project Management, Task Management, Kanban Board & Time Tracker Medium 6.5 2025-02-15 11:26:48 Deep Dive