EUVD-2025-210157

Custom role Insecure Direct Object References IDOR in Projectopia = 5.1.25.2 versions...

CVE-2025-59133

Custom role Insecure Direct Object References IDOR in Projectopia = 5.1.25.2 versions...

CVE-2025-59133 WordPress Projectopia plugin <= 5.1.25.2 - Insecure Direct Object References (IDOR) vulnerability

Custom role Insecure Direct Object References IDOR in Projectopia = 5.1.25.2 versions...

CVE-2025-59133

CVE-2025-59133 describes an insecure direct object reference (IDOR) in the WordPress plugin Projectopia (WordPress Projectopia – projectopia-core) version

PT-2026-49347

Custom role Insecure Direct Object References IDOR in Projectopia = 5.1.25.2 versions...

CVE-2025-12876

The Projectopia – WordPress Project Management plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ptodeletefile AJAX action in all versions up to, and including, 5.1.19. This makes it possible for unauthenticated attackers to delete...

CVE-2025-12876

The Projectopia – WordPress Project Management plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ptodeletefile AJAX action in all versions up to, and including, 5.1.19. This makes it possible for unauthenticated attackers to delete...

CVE-2025-12876 Projectopia – WordPress Project Management <= 5.1.19 - Missing Authorization to Unauthenticated Arbitrary Attachment Deletion

The Projectopia – WordPress Project Management plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ptodeletefile AJAX action in all versions up to, and including, 5.1.19. This makes it possible for unauthenticated attackers to delete...

CVE-2025-12876 Projectopia – WordPress Project Management <= 5.1.19 - Missing Authorization to Unauthenticated Arbitrary Attachment Deletion

The Projectopia – WordPress Project Management plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ptodeletefile AJAX action in all versions up to, and including, 5.1.19. This makes it possible for unauthenticated attackers to delete...

EUVD-2025-201399

The Projectopia – WordPress Project Management plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ptodeletefile AJAX action in all versions up to, and including, 5.1.19. This makes it possible for unauthenticated attackers to delete...

CVE-2025-12876

CVE-2025-12876 concerns the WordPress plugin Projectopia – Project Management Tool. Wordfence and other connected sources confirm the vulnerability is due to a missing capability check in the pto_delete_file AJAX action, enabling unauthenticated attackers to delete attachments across all versions...

WordPress plugin Projectopia 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

PT-2025-49234

The Projectopia – WordPress Project Management plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pto delete file AJAX action in all versions up to, and including, 5.1.19. This makes it possible for unauthenticated attackers to delete...

WordPress Projectopia – WordPress Project Management plugin <= 5.1.19 - Missing Authorization to Unauthenticated Arbitrary Attachment Deletion vulnerability

Missing Authorization to Unauthenticated Arbitrary Attachment Deletion vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Projectopia versions = 5.1.19...

WordPress Projectopia plugin <= 5.1.23 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by 0xVenus in WordPress Plugin Projectopia versions = 5.1.23...

EUVD-2024-52459

Malicious code in bioql PyPI...

EUVD-2025-15020

Malicious code in bioql PyPI...

EUVD-2025-28176

Malicious code in bioql PyPI...

EUVD-2025-11721

Malicious code in bioql PyPI...

CVE-2025-48257

Missing Authorization vulnerability in Projectopia Projectopia projectopia-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Projectopia: from n/a through = 5.1.17...