45 matches found
CVE-2026-6225
The Taskbuilder – Project Management & Task Management Tool With Kanban Board plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'projectsearch' parameter in all versions up to, and including, 5.0.6 due to insufficient escaping on the user supplied parameter and lack of...
CVE-2026-6225 Taskbuilder – Project Management & Task Management Tool With Kanban Board <= 5.0.6 - Authenticated (Subscriber+) Time-Based Blind SQL Injection via 'project_search' Parameter
The Taskbuilder – Project Management & Task Management Tool With Kanban Board plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'projectsearch' parameter in all versions up to, and including, 5.0.6 due to insufficient escaping on the user supplied parameter and lack of...
EUVD-2026-30251
The Taskbuilder – Project Management & Task Management Tool With Kanban Board plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'projectsearch' parameter in all versions up to, and including, 5.0.6 due to insufficient escaping on the user supplied parameter and lack of...
CVE-2026-6225
The CVE concerns the WordPress plugin Taskbuilder – Project Management & Task Management Tool With Kanban Board . It is vulnerable to a time-based blind SQL Injection via the 'project_search' parameter in all versions up to and including 5.0.6 , caused by insufficient escaping and inadequate prep...
PT-2026-40888
The Taskbuilder – Project Management & Task Management Tool With Kanban Board plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'project search' parameter in all versions up to, and including, 5.0.6 due to insufficient escaping on the user supplied parameter and lack of...
WordPress plugin Taskbuilder SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
CVE-2026-2289
The Taskbuilder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 5.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and...
EUVD-2026-9353
The Taskbuilder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 5.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and...
CVE-2026-2289
The Taskbuilder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 5.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and...
CVE-2026-2289
The Taskbuilder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 5.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and...
WordPress Taskbuilder plugin <= 5.0.3 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Block Emails' Field vulnerability
Authenticated Administrator+ Stored Cross-Site Scripting via 'Block Emails' Field vulnerability discovered by Phap Nguyen Anh - FIS in WordPress Plugin Taskbuilder versions = 5.0.3...
CVE-2026-1640
The Taskbuilder – WordPress Project Management & Task Management plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 5.0.2. This is due to missing authorization checks on the project and task comment submission functions AJAX actions:...
CVE-2026-1639
The Taskbuilder – WordPress Project Management & Task Management plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'order' and 'sortby' parameters in all versions up to, and including, 5.0.2 due to insufficient escaping on the user supplied parameter and lack of...
CVE-2026-1640
The Taskbuilder – WordPress Project Management & Task Management plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 5.0.2. This is due to missing authorization checks on the project and task comment submission functions AJAX actions:...
CVE-2026-1640
CVE-2026-1640 affects the WordPress Taskbuilder plugin (versions
CVE-2026-1639
The Taskbuilder – WordPress Project Management & Task Management plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'order' and 'sortby' parameters in all versions up to, and including, 5.0.2 due to insufficient escaping on the user supplied parameter and lack of...
CVE-2026-1639
The Taskbuilder – WordPress Project Management & Task Management plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'order' and 'sortby' parameters in all versions up to, and including, 5.0.2 due to insufficient escaping on the user supplied parameter and lack of...
PT-2026-20279
The Taskbuilder – WordPress Project Management & Task Management plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'order' and 'sort by' parameters in all versions up to, and including, 5.0.2 due to insufficient escaping on the user supplied parameter and lack of...
PT-2026-20280
The Taskbuilder – WordPress Project Management & Task Management plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 5.0.2. This is due to missing authorization checks on the project and task comment submission functions AJAX actions: wppm submit proj...
WordPress Taskbuilder plugin <= 5.0.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Project/Task Comment Creation vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary Project/Task Comment Creation vulnerability discovered by Tarcísio Luchesi De Almeida Silva Poystick in WordPress Plugin Taskbuilder versions = 5.0.2...