| CVE-2024-10520 | WP Project Manager <= 2.6.14 - Missing Authorization to Project Milestone and Task Creation/Deletion | wedevs | Project Manager – AI Powered Project Management, Task Management, Kanban Board & Time Tracker | Medium | 5.3 | 2024-11-20 11:33:11 | Deep Dive |
| CVE-2024-10174 | WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts <= 2.6.13 - Insecure Direct Object Reference to Unauthenticated Authorization Bypass | wedevs | Project Manager – AI Powered Project Management, Task Management, Kanban Board & Time Tracker | High | 7.3 | 2024-11-13 03:20:08 | Deep Dive |
| CVE-2024-8739 | ReCaptcha Integration for WordPress <= 1.2.5 - Reflected Cross-Site Scripting | wedevs | ReCaptcha Integration for WordPress | Medium | 6.1 | 2024-11-02 02:03:08 | Deep Dive |
| CVE-2024-47640 | WordPress WP ERP plugin <= 1.13.2 - Reflected Cross Site Scripting (XSS) vulnerability | weDevs | WP ERP | High | 7.1 | 2024-10-29 13:10:19 | Deep Dive |
| CVE-2024-38693 | WordPress WP User Frontend plugin <= 4.0.7 - SQL Injection vulnerability | weDevs | WP User Frontend | High | 7.6 | 2024-08-29 14:05:54 | Deep Dive |
| CVE-2024-43238 | WordPress weMail plugin <= 1.14.5 - Cross Site Scripting (XSS) vulnerability | weDevs | weMail | High | 7.1 | 2024-08-18 13:38:44 | Deep Dive |
| CVE-2024-37946 | WordPress ReCaptcha Integration for WordPress plugin <= 1.2.7 - Cross Site Scripting (XSS) vulnerability | weDevs | ReCaptcha Integration for WordPress | Medium | 5.9 | 2024-07-20 08:49:47 | Deep Dive |
| CVE-2024-6666 | WP ERP <= 1.13.0 - Authenticated (Accounting Manager+) SQL Injection via vendor_id | wedevs | ERP: Complete HR, Accounting & CRM Suite with WooCommerce CRM Support | High | 8.8 | 2024-07-11 06:43:14 | Deep Dive |
| CVE-2024-3922 | Dokan Pro <= 3.10.3 - Unauthenticated SQL Injection | wedevs | Dokan Pro | Critical | 10.0 | 2024-06-13 02:05:23 | Deep Dive |
| CVE-2024-34822 | WordPress weMail plugin <= 1.14.2 - Broken Access Control vulnerability | weDevs | weMail | Medium | 5.3 | 2024-06-11 15:26:25 | Deep Dive |
| CVE-2024-34442 | WordPress weDocs plugin <= 2.1.4 - Broken Access Control vulnerability | weDevs | weDocs | Medium | 5.3 | 2024-06-11 13:34:42 | Deep Dive |
| CVE-2023-52217 | WordPress WooCommerce Conversion Tracking plugin <= 2.0.11 - Broken Access Control vulnerability | weDevs | WooCommerce Conversion Tracking | Medium | 4.3 | 2024-06-11 09:26:47 | Deep Dive |
| CVE-2023-47682 | WordPress WP User Frontend plugin <= 3.6.5 - Authenticated Privilege Escalation vulnerability | weDevs | WP User Frontend | High | 7.2 | 2024-05-17 08:36:13 | Deep Dive |
| CVE-2024-1173 | WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting <= 1.13.1 - Authenticated (AccountingManager+) SQL Injection | wedevs | ERP: Complete HR, Accounting & CRM Suite with WooCommerce CRM Support | High | 7.2 | 2024-05-02 16:52:26 | Deep Dive |
| CVE-2024-0952 | WP ERP <= 1.12.9 - Authenticated (Accounting Manager+) SQL Injection via id | wedevs | ERP: Complete HR, Accounting & CRM Suite with WooCommerce CRM Support | High | 7.2 | 2024-04-09 18:59:33 | Deep Dive |
| CVE-2024-0956 | WP ERP <= 1.13.0 - Authenticated (AccountingManager+) SQL Injection | wedevs | ERP: Complete HR, Accounting & CRM Suite with WooCommerce CRM Support | Medium | 4.9 | 2024-03-29 06:44:03 | Deep Dive |
| CVE-2024-0609 | WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting <= 1.13.1 - Unauthenticated Stored Cross-Site Scripting | wedevs | ERP: Complete HR, Accounting & CRM Suite with WooCommerce CRM Support | High | 7.2 | 2024-03-29 06:44:02 | Deep Dive |
| CVE-2024-0608 | WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting <= 1.13.1 - Authenticated (Subscriber+) SQL Injection | wedevs | ERP: Complete HR, Accounting & CRM Suite with WooCommerce CRM Support | Medium | 6.5 | 2024-03-29 06:44:01 | Deep Dive |
| CVE-2024-0913 | WP ERP <= 1.13.0 - Authenticated (Accounting Manager+) SQL Injection | wedevs | ERP: Complete HR, Accounting & CRM Suite with WooCommerce CRM Support | High | 7.2 | 2024-03-29 06:44:00 | Deep Dive |
| CVE-2024-24711 | WordPress WooCommerce Conversion Tracking plugin <= 2.0.11 - Broken Access Control vulnerability | weDevs | WooCommerce Conversion Tracking | Medium | 4.3 | 2024-03-26 11:43:10 | Deep Dive |