CVE-2025-8314 Software Issue Manager <= 5.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_msg Parameter

The Software Issue Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘noaccessmsg parameter in all versions up to, and including, 5.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

WordPress plugin Software Issue Manager 跨站脚本漏洞

The WordPress Software Issue Manager plugin is a project-based WordPress plugin for tracking software defects, issues, tasks, and product feature requests, with support for customized reporting. The WordPress Software Issue Manager plugin suffers from a cross-site scripting vulnerability that ste...

PT-2025-32624 · WordPress · Software Issue Manager

Name of the Vulnerable Software and Affected Versions: Software Issue Manager plugin for WordPress versions up to and including 5.0.1 Description: The Software Issue Manager plugin for WordPress is susceptible to Stored Cross-Site Scripting through the noaccess msg parameter due to insufficient...