2 matches found
Wordpress Zephyr Project Manager 3.2.42 Plugin - Multiple SQL injection Vulnerabilities
Exploit Title: Wordpress Plugin Zephyr Project Manager 3.2.42 - Multiple SQLi Exploit Author: Rizacan Tufan Blog Post: https://rizax.blog/blog/wordpress-plugin-zephyr-project-manager-multiple-sqli-authenticated Software Link: https://wordpress.org/plugins/zephyr-project-manager/ Vendor Homepage:...
CVE-2022-2840
Summary (CVE-2022-2840 – Zephyr Project Manager WordPress plugin) The Zephyr Project Manager WordPress plugin (versions prior to 3.2.5) is vulnerable to SQL injection due to unsanitized/uncleaned input used in SQL queries via multiple AJAX actions, accessible to unauthenticated and authenticated ...