Zephyr-one Zephyr_project_manager

10 CVEs affecting Zephyr-one Zephyr_project_manager. Latest disclosed: 2025-04-17. Critical: 1, High: 4.

Top CVEs affecting Zephyr-one Zephyr_project_manager
CVESeverityScorePublishedSummary
CVE-2022-2840Critical9.82022-09-19The Zephyr Project Manager WordPress plugin before 3.2.5 does not sanitise and escape various parameters before using them in SQL statements via various AJAX a…
CVE-2024-37484High8.82024-07-09Improper Privilege Management vulnerability in Dylan James Zephyr Project Manager allows Privilege Escalation.This issue affects Zephyr Project Manager: from n…
CVE-2024-7624High8.12024-08-15The Zephyr Project Manager plugin for WordPress is vulnerable to limited privilege escalation in all versions up to, and including, 3.3.101. This is due to the…
CVE-2024-38761High7.52024-08-01Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from…
CVE-2025-32526High7.12025-04-17Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dylan James Zephyr Project Manager zephyr-project-manager…
CVE-2024-7356Medium6.42024-08-03The Zephyr Project Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘filename’ parameter in all versions up to, and including…
CVE-2024-43915Medium5.52024-08-26Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dylan James Zephyr Project Manager allows Reflecte…
CVE-2024-43322Medium5.42024-08-18Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a throug…
CVE-2022-2839Medium5.42022-10-03The Zephyr Project Manager WordPress plugin before 3.2.55 does not have any authorisation as well as CSRF in all its AJAX actions, allowing unauthenticated use…
CVE-2022-3333Low3.52022-09-28A vulnerability, which was classified as problematic, was found in Zephyr Project Manager up to 3.2.4. Affected is an unknown function of the file /v1/tasks/cr…