Mantus667 Wp-pmanager

3 CVEs affecting Mantus667 Wp-pmanager. Latest disclosed: 2025-05-15. Critical: 0, High: 1.

Top CVEs affecting Mantus667 Wp-pmanager
CVESeverityScorePublishedSummary
CVE-2024-13875High7.12025-03-20The WP-PManager WordPress plugin through 1.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site…
CVE-2025-2248Medium5.42025-05-15The WP-PManager WordPress plugin through 1.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL inject…
CVE-2025-2247Medium5.42025-05-15The WP-PManager WordPress plugin through 1.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admi…