Jeson Customer Relationship Management System 代码问题漏洞

Jeson Customer Relationship Management System is a lightweight customer relationship management system developed by DefaultFunction’s individual developer. The Jeson Customer Relationship Management System has code vulnerabilities; these vulnerabilities stem from incorrect handling of parameters ...

CVE-2026-3616

The CVE affects DefaultFuction Jeson Customer Relationship Management System 1.0.0. The vulnerability is in /modules/customers/edit.php, where manipulating the ID parameter results in a SQL injection. The exploit is publicly available and may be invoked remotely, with exploit maturity listed as p...

CVE-2026-1734

A security flaw has been discovered in Zhong Bang CRMEB up to 5.6.3. This vulnerability affects unknown code of the file crmeb/app/api/controller/v1/CrontabController.php of the component crontab Endpoint. The manipulation results in missing authorization. The attack can be launched remotely. The...

CVE-2025-62106

Missing Authorization vulnerability in Mario Peshev WP-CRM System wp-crm-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-CRM System: from n/a through = 3.4.5...

CVE-2025-62106

Missing Authorization vulnerability in Mario Peshev WP-CRM System wp-crm-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-CRM System: from n/a through = 3.4.5...

CVE-2025-62106

The WP-CRM System WordPress plugin is affected by a Missing Authorization / Broken Access Control vulnerability through version 3.4.5. Reports describe missing capability checks on wpcrm_get_email_recipients and wpcrm_system_ajax_task_change_status AJAX endpoints, allowing authenticated users (su...

CVE-2025-62106 WordPress WP-CRM System plugin <= 3.4.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Mario Peshev WP-CRM System wp-crm-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-CRM System: from n/a through = 3.4.5...

CVE-2025-62106 WordPress WP-CRM System plugin <= 3.4.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Mario Peshev WP-CRM System wp-crm-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-CRM System: from n/a through = 3.4.5...

WordPress plugin WP-CRM System has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-3995

Name of the Vulnerable Software and Affected Versions WP-CRM System versions through 3.4.5 Description An authorization issue exists in the WP-CRM System, allowing exploitation of incorrectly configured access control security levels. Recommendations Update WP-CRM System to a version later than...

CVE-2025-14854

The WP-CRM System plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on the wpcrmgetemailrecipients and wpcrmsystemajaxtaskchangestatus AJAX functions in all versions up to, and including, 3.4.5. This makes it possible for authenticated attackers, with...

CVE-2025-14854

The WP-CRM System plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on the wpcrmgetemailrecipients and wpcrmsystemajaxtaskchangestatus AJAX functions in all versions up to, and including, 3.4.5. This makes it possible for authenticated attackers, with...

CVE-2025-14854

The WP-CRM System WordPress plugin has an unauthorized-access vulnerability due to missing capability checks in AJAX handlers wpcrm_get_email_recipients and wpcrm_system_ajax_task_change_status, affecting all versions up to 3.4.5. Authenticated users with subscriber-level access and above can enu...

WordPress plugin WP-CRM System 安全漏洞

The WordPress WP-CRM System plugin is a Customer Relationship Management CRM tool designed for WordPress websites that allows users to manage customer data, tasks and projects directly from the WordPress backend. WordPress WP-CRM System plugin suffers from an unauthorized access vulnerability tha...

PT-2026-2818

The WP-CRM System plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on the wpcrm get email recipients and wpcrm system ajax task change status AJAX functions in all versions up to, and including, 3.4.5. This makes it possible for authenticated attackers,...

CVE-2025-62740

Missing Authorization vulnerability in Mario Peshev WP-CRM System wp-crm-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-CRM System: from n/a through = 3.4.6...

CVE-2025-62740 WordPress WP-CRM System plugin <= 3.4.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in Mario Peshev WP-CRM System wp-crm-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-CRM System: from n/a through = 3.4.6...

CVE-2025-62740

CVE-2025-62740 concerns WP-CRM System (WordPress plugin) versions up to and including 3.4.5. The issue is described as a Missing Authorization vulnerability caused by incorrectly configured access control security levels, enabling access without proper authorization. The NVD/MITRE-style data show...

CVE-2025-62740 WordPress WP-CRM System plugin <= 3.4.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in Mario Peshev WP-CRM System wp-crm-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-CRM System: from n/a through = 3.4.6...

WordPress plugin WP-CRM System 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...