| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-3748 | SP Project & Document Manager <= 4.71 - Data Update via IDOR | Unknown | SP Project & Document Manager | - | - | 2024-05-15 06:00:04 | Deep Dive |
| CVE-2024-1693 | SP Project & Document Manager <= 4.70 - Authenticated (Subscriber+) Arbitrary Folder Name Update | smartypants | SP Project & Document Manager | Medium | 4.3 | 2024-05-09 20:03:20 | Deep Dive |
| CVE-2024-33923 | WordPress SP Project & Document Manager plugin <= 4.69 - Broken Access Control vulnerability | Smartypants | SP Project & Document Manager | Medium | 6.3 | 2024-05-03 08:24:58 | Deep Dive |
| CVE-2024-34148 | Jenkins Plugin Subversion Partial Release Manager 安全漏洞 | Jenkins Project | Jenkins Subversion Partial Release Manager Plugin | 中危 | - | 2024-05-02 13:28:06 | Deep Dive |
| CVE-2024-32551 | WordPress SP Project & Document Manage plugin <= 4.71 - Auth. SQL Injection vulnerability | Smartypants | SP Project & Document Manager | High | 7.6 | 2024-04-18 10:27:01 | Deep Dive |
| CVE-2024-28159 | Jenkins Subversion Partial Release Manager Plugin 安全漏洞 | Jenkins Project | Jenkins Subversion Partial Release Manager Plugin | - | - | 2024-03-06 17:02:01 | Deep Dive |
| CVE-2024-28158 | Jenkins Subversion Partial Release Manager Plugin 安全漏洞 | Jenkins Project | Jenkins Subversion Partial Release Manager Plugin | - | - | 2024-03-06 17:02:00 | Deep Dive |
| CVE-2024-24868 | WordPress SP Project & Document Manager Plugin <= 4.69 is vulnerable to SQL Injection | Smartypants | SP Project & Document Manager | High | 8.5 | 2024-02-28 13:06:22 | Deep Dive |
| CVE-2024-0545 | CodeCanyon RISE Ultimate Project Manager signin redirect | CodeCanyon | RISE Ultimate Project Manager | Medium | 5.3 | 2024-01-15 06:00:06 | Deep Dive |
| CVE-2023-31237 | WordPress Zephyr Project Manager Plugin <= 3.3.9 is vulnerable to Open Redirection | Dylan James | Zephyr Project Manager | Medium | 4.7 | 2023-12-29 09:56:51 | Deep Dive |
| CVE-2023-49860 | WordPress WP Project Manager Plugin <= 2.6.7 is vulnerable to Cross Site Scripting (XSS) | weDevs | WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts | Medium | 6.5 | 2023-12-14 16:18:46 | Deep Dive |
| CVE-2023-36677 | WordPress SP Project & Document Manager Plugin <= 4.67 is vulnerable to SQL Injection | Smartypants | SP Project & Document Manager | 高危 | - | 2023-11-03 22:59:09 | Deep Dive |
| CVE-2023-34383 | WordPress WP Project Manager Plugin <= 2.6.0 is vulnerable to SQL Injection | weDevs | WP Project Manager | 超危 | - | 2023-11-03 11:11:52 | Deep Dive |
| CVE-2023-3636 | WP Project Manager <= 2.6.4 - Arbitrary Usermeta Update to Authenticated (Subscriber+) Privilege Escalation | wedevs | Project Manager – AI Powered Project Management, Task Management, Kanban Board & Time Tracker | High | 8.8 | 2023-08-31 05:33:09 | Deep Dive |
| CVE-2023-36530 | WordPress SP Project & Document Manager Plugin <= 4.67 is vulnerable to Cross Site Scripting (XSS) | Smartypants | SP Project & Document Manager | Medium | 5.9 | 2023-08-10 11:52:35 | Deep Dive |
| CVE-2023-3754 | Creativeitem Ekushey Project Manager CRM xxxxxxxx[random-msg-hash] cross site scripting | Creativeitem | Ekushey Project Manager CRM | Low | 3.5 | 2023-07-19 03:00:05 | Deep Dive |
| CVE-2020-36745 | WP Project Manager <= 2.4.0 - Cross-Site Request Forgery Bypass | wedevs | Project Manager – AI Powered Project Management, Task Management, Kanban Board & Time Tracker | Medium | 4.3 | 2023-07-01 04:26:52 | Deep Dive |
| CVE-2023-3063 | SP Project & Document Manager <= 4.67 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary User Password Change | smartypants | SP Project & Document Manager | High | 8.8 | 2023-06-30 01:56:17 | Deep Dive |
| CVE-2023-34373 | WordPress Zephyr Project Manager Plugin <= 3.3.93 is vulnerable to Cross Site Request Forgery (CSRF) | Dylan James | Zephyr Project Manager | Medium | 5.4 | 2023-06-19 12:33:32 | Deep Dive |
| CVE-2022-2839 | Zephyr Project Manager < 3.2.55 - Unauthorised AJAX Calls To Stored XSS | Unknown | Zephyr Project Manager | 中危 | - | 2022-10-03 13:45:24 | Deep Dive |