Wedevs Wp_project_manager

16 CVEs affecting Wedevs Wp_project_manager. Latest disclosed: 2025-04-11. Critical: 0, High: 3.

Top CVEs affecting Wedevs Wp_project_manager
CVESeverityScorePublishedSummary
CVE-2023-3636High8.82023-08-31The WP Project Manager plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 2.6.4 due to insufficient restriction on th…
CVE-2023-34383High8.52023-11-03Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs WP Project Manager wedevs-project-manager allows S…
CVE-2024-10174High7.32024-11-13The WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts plugin for WordPress is vulnerable to Insecure Direc…
CVE-2024-13500Medium6.52025-02-15The WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts plugin for WordPress is vulnerable to time-based SQL…
CVE-2024-13752Medium6.52025-02-15The WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts plugin for WordPress is vulnerable to unauthorized l…
CVE-2024-12195Medium6.52025-01-04The WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts plugin for WordPress is vulnerable to SQL Injection…
CVE-2024-10548Medium6.52024-12-19The WP Project Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.15 via the Project Task L…
CVE-2023-40003Medium6.52024-12-13Missing Authorization vulnerability in weDevs WP Project Manager wedevs-project-manager allows Exploiting Incorrectly Configured Access Control Security Levels…
CVE-2023-49860Medium6.52023-12-14Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in weDevs WP Project Manager – Task, team, and project manag…
CVE-2025-2541Medium6.42025-04-11The WP Project Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.6.22 due…
CVE-2025-3100Medium6.42025-04-09The WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts plugin for WordPress is vulnerable to Stored Cross-S…
CVE-2025-22649Medium5.92025-03-27Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in weDevs WP Project Manager wedevs-project-manager allows S…
CVE-2021-36826Medium5.42022-04-04Authenticated (subscriber or higher user role if allowed to access projects) Stored Cross-Site Scripting (XSS) vulnerability in weDevs WP Project Manager plugi…
CVE-2024-10520Medium5.32024-11-20The WP Project Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check in the 'check' method of the '…
CVE-2025-32280Medium4.32025-04-04Cross-Site Request Forgery (CSRF) vulnerability in weDevs WP Project Manager wedevs-project-manager allows Cross Site Request Forgery.This issue affects WP Pro…
CVE-2020-36745Medium4.32023-07-01The WP Project Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.4.0. This is due to missing or inco…