CVE-2026-32485

Missing Authorization vulnerability in weDevs WP User Frontend wp-user-frontend allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP User Frontend: from n/a through = 4.2.8...

CVE-2026-31917

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in weDevs WP ERP erp allows SQL Injection.This issue affects WP ERP: from n/a through = 1.16.10...

EUVD-2026-15829

Missing Authorization vulnerability in weDevs WP User Frontend wp-user-frontend allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP User Frontend: from n/a through = 4.2.8...

CVE-2026-32485

Missing Authorization vulnerability in weDevs WP User Frontend wp-user-frontend allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP User Frontend: from n/a through = 4.2.8...

CVE-2026-32485

Missing Authorization vulnerability in weDevs WP User Frontend wp-user-frontend allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP User Frontend: from n/a through = 4.2.8...

PT-2026-27851

Name of the Vulnerable Software and Affected Versions weDevs WP User Frontend versions prior to 4.2.5 Description An authorization issue exists in weDevs WP User Frontend. The issue involves exploiting incorrectly configured access control security levels. Recommendations Update weDevs WP User...

CVE-2026-31917

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in weDevs WP ERP erp allows SQL Injection.This issue affects WP ERP: from n/a through = 1.16.10...

CVE-2025-68040

Insertion of Sensitive Information Into Sent Data vulnerability in weDevs WP Project Manager wedevs-project-manager allows Retrieve Embedded Sensitive Data.This issue affects WP Project Manager: from n/a through = 3.0.1...

CVE-2025-67546

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in weDevs WP ERP erp allows Retrieve Embedded Sensitive Data.This issue affects WP ERP: from n/a through = 1.16.6...

EUVD-2025-204040

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in weDevs WP ERP erp allows Retrieve Embedded Sensitive Data.This issue affects WP ERP: from n/a through = 1.16.6...

EUVD-2025-30519

Malicious code in bioql PyPI...

CVE-2025-22649

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in weDevs WP Project Manager wedevs-project-manager allows Stored XSS.This issue affects WP Project Manager: from n/a through 2.6.22...

PT-2025-1496 · Wedevs · Wedevs Wp Erp

Name of the Vulnerable Software and Affected Versions: weDevs WP ERP versions 1.12.6 and earlier Description: The issue is related to a missing authorization vulnerability in weDevs WP ERP, which allows exploiting incorrectly configured access control security levels. Recommendations: For weDevs ...

PT-2024-19034 · Wedevs · Wedevs Wp Erp

Name of the Vulnerable Software and Affected Versions: weDevs WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting versions 1.12.8 and earlier Description: The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also...

CVE-2021-36826

Authenticated subscriber or higher user role if allowed to access projects Stored Cross-Site Scripting XSS vulnerability in weDevs WP Project Manager plugin = 2.4.13 versions...