2 matches found
CVE-2026-9237
The Employee, Leave and Recruitment Management System – Crew HRM plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.2.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...
WordPress Crew HRM plugin <= 1.1.1 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by CatFather Patchstack Alliance in WordPress Plugin Crew HRM versions = 1.1.1...