Wedevs Wp Project Manager
7 CVEs affecting Wedevs Wp Project Manager. Latest disclosed: 2025-12-30. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-34383 | High | 8.5 | 2023-11-03 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs WP Project Manager wedevs-project-manager allows S… |
CVE-2024-12015 | High | 7.7 | 2024-12-02 | The 'Project Manager' WordPress Plugin is affected by an authenticated SQL injection vulnerability in the 'orderby' parameter in the '/pm/v2/activites' route. |
CVE-2025-68040 | Medium | 6.5 | 2025-12-30 | Insertion of Sensitive Information Into Sent Data vulnerability in weDevs WP Project Manager wedevs-project-manager allows Retrieve Embedded Sensitive Data.Thi… |
CVE-2023-40003 | Medium | 6.5 | 2024-12-13 | Missing Authorization vulnerability in weDevs WP Project Manager wedevs-project-manager allows Exploiting Incorrectly Configured Access Control Security Levels… |
CVE-2025-22649 | Medium | 5.9 | 2025-03-27 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in weDevs WP Project Manager wedevs-project-manager allows S… |
CVE-2025-58269 | Medium | 5.3 | 2025-09-22 | Use of Hard-coded Credentials vulnerability in weDevs WP Project Manager wedevs-project-manager allows Retrieve Embedded Sensitive Data.This issue affects WP P… |
CVE-2025-32280 | Medium | 4.3 | 2025-04-04 | Cross-Site Request Forgery (CSRF) vulnerability in weDevs WP Project Manager wedevs-project-manager allows Cross Site Request Forgery.This issue affects WP Pro… |