Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zephyr project manager project zephyr project manager vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-31237
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a up to and including 3.3.9.
Zephyr Project Manager Project Zephyr Project Manager
6.1
CVSSv3
CVE-2022-1822
The Zephyr Project Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘project’ parameter in versions up to, and including, 3.2.40 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated ...
Zephyr Project Manager Project Zephyr Project Manager
8.8
CVSSv3
CVE-2023-34373
Cross-Site Request Forgery (CSRF) vulnerability in Dylan James Zephyr Project Manager plugin <= 3.3.93 versions.
Zephyr Project Manager Project Zephyr Project Manager
9.8
CVSSv3
CVE-2022-2840
The Zephyr Project Manager WordPress plugin prior to 3.2.5 does not sanitise and escape various parameters before using them in SQL statements via various AJAX actions available to both unauthenticated and authenticated users, leading to SQL injections
Zephyr Project Manager Project Zephyr Project Manager
1 EDB exploit
5.4
CVSSv3
CVE-2022-3333
A vulnerability, which was classified as problematic, was found in Zephyr Project Manager up to 3.2.4. Affected is an unknown function of the file /v1/tasks/create/ of the component REST Call Handler. The manipulation of the argument onanimationstart leads to cross site scripting...
Zephyr-one Zephyr Project Manager
5.4
CVSSv3
CVE-2022-2839
The Zephyr Project Manager WordPress plugin prior to 3.2.55 does not have any authorisation as well as CSRF in all its AJAX actions, allowing unauthenticated users to call them either directly or via CSRF attacks. Furthermore, due to the lack of sanitisation and escaping, it coul...
Zephyr-one Zephyr Project Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started