Mojoomla Wpams
8 CVEs affecting Mojoomla Wpams. Latest disclosed: 2026-06-17. Critical: 4, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-39401 | Critical | 10.0 | 2025-05-19 | Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla WPAMS apartment-management allows Upload a Web Shell to a Web Server.This issue affec… |
CVE-2025-39402 | Critical | 9.9 | 2025-05-19 | Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla WPAMS apartment-management allows Upload a Web Shell to a Web Server.This issue affec… |
CVE-2025-39406 | Critical | 9.8 | 2025-05-19 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in mojoomla WPAMS apartment-management al… |
CVE-2025-39395 | Critical | 9.3 | 2025-05-19 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mojoomla WPAMS apartment-management allows SQL Injection… |
CVE-2025-39405 | High | 8.8 | 2025-05-19 | Incorrect Privilege Assignment vulnerability in mojoomla WPAMS apartment-management allows Privilege Escalation.This issue affects WPAMS: from n/a through <= 4… |
CVE-2025-39403 | High | 8.5 | 2025-05-19 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mojoomla WPAMS apartment-management allows SQL Injection… |
CVE-2025-39392 | High | 7.1 | 2025-05-19 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mojoomla WPAMS apartment-management allows Reflected XSS… |
CVE-2026-39433 | Medium | 6.5 | 2026-06-17 | Subscriber Arbitrary Content Deletion in WPAMS < 49.5.3 versions. |