Dylanjkotze Zephyr Project Manager
5 CVEs affecting Dylanjkotze Zephyr Project Manager. Latest disclosed: 2025-12-17. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-7624 | High | 8.1 | 2024-08-15 | The Zephyr Project Manager plugin for WordPress is vulnerable to limited privilege escalation in all versions up to, and including, 3.3.101. This is due to the… |
CVE-2024-7356 | Medium | 6.4 | 2024-08-03 | The Zephyr Project Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘filename’ parameter in all versions up to, and including… |
CVE-2022-1822 | Medium | 6.1 | 2022-06-13 | The Zephyr Project Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘project’ parameter in versions up to, and including, 3… |
CVE-2025-12496 | Medium | 4.9 | 2025-12-17 | The Zephyr Project Manager plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.3.203 via the `file` parameter. Th… |
CVE-2025-10490 | Medium | 4.4 | 2025-09-26 | The Zephyr Project Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.3.202 d… |