Lucene search
K

4 matches found

NVD
NVD
added 2024/12/19 2:15 a.m.28 views

CVE-2024-10548

The WP Project Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.15 via the Project Task List '/wp-json/pm/v2/projects/1/task-lists' REST API endpoint. This makes it possible for authenticated attackers, with Subscriber-level...

6.5CVSS0.00384EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/12/19 1:45 a.m.23 views

CVE-2024-10548 WP Project Manager <= 2.6.15 - Authenticated (Subscriber+) Sensitive Information Exposure via Project Task List REST API

The WP Project Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.15 via the Project Task List '/wp-json/pm/v2/projects/1/task-lists' REST API endpoint. This makes it possible for authenticated attackers, with Subscriber-level...

6.5CVSS0.00384EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/12/19 1:45 a.m.18 views

CVE-2024-10548 WP Project Manager <= 2.6.15 - Authenticated (Subscriber+) Sensitive Information Exposure via Project Task List REST API

The WP Project Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.15 via the Project Task List '/wp-json/pm/v2/projects/1/task-lists' REST API endpoint. This makes it possible for authenticated attackers, with Subscriber-level...

6.5CVSS6.5AI score0.00384EPSS
Exploits0References2
CVE
CVE
added 2024/12/19 1:45 a.m.91 views

CVE-2024-10548

CVE-2024-10548 affects the WordPress plugin WP Project Manager (Task, team, and project management) and is due to a Sensitive Information Exposure vulnerability in the REST endpoint "/wp-json/pm/v2/projects/1/task-lists". The issue is exploitable by authenticated users with Subscriber+ privileges...

6.5CVSS6.5AI score0.00384EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder