Dylanjkotze Zephyr Project Manager

5 CVEs affecting Dylanjkotze Zephyr Project Manager. Latest disclosed: 2025-12-17. Critical: 0, High: 1.

Top CVEs affecting Dylanjkotze Zephyr Project Manager
CVESeverityScorePublishedSummary
CVE-2024-7624High8.12024-08-15The Zephyr Project Manager plugin for WordPress is vulnerable to limited privilege escalation in all versions up to, and including, 3.3.101. This is due to the…
CVE-2024-7356Medium6.42024-08-03The Zephyr Project Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘filename’ parameter in all versions up to, and including…
CVE-2022-1822Medium6.12022-06-13The Zephyr Project Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘project’ parameter in versions up to, and including, 3…
CVE-2025-12496Medium4.92025-12-17The Zephyr Project Manager plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.3.203 via the `file` parameter. Th…
CVE-2025-10490Medium4.42025-09-26The Zephyr Project Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.3.202 d…