Lucene search
K

171 matches found

NVD
NVD
added 2026/03/13 7:54 p.m.10 views

CVE-2026-31917

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in weDevs WP ERP erp allows SQL Injection.This issue affects WP ERP: from n/a through = 1.16.10...

8.5CVSS0.00308EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/13 11:41 a.m.2 views

CVE-2026-31917

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in weDevs WP ERP erp allows SQL Injection.This issue affects WP ERP: from n/a through = 1.16.10...

5.8AI score0.00308EPSS
Exploits0References2
CVE
CVE
added 2026/03/13 11:41 a.m.14 views

CVE-2026-31917

The CVE concerns the WordPress WP ERP plugin by weDevs (ERP component) with versions up to 1.16.10 exposed to SQL Injection due to improper neutralization of user input. The issue affects WP ERP from unspecified earlier versions through 1.16.10. The provided documents do not specify exploit detai...

8.5CVSS5.8AI score0.00308EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/13 11:41 a.m.25 views

CVE-2026-31917 WordPress WP ERP plugin <= 1.16.10 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in weDevs WP ERP erp allows SQL Injection.This issue affects WP ERP: from n/a through = 1.16.10...

8.5CVSS0.00308EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.6 views

PT-2026-25172

🟠 CVE-2026-31917 - High Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in weDevs WP ERP erp allows SQL Injection.This issue affects WP ERP: from n/a through = ... https://t.co/rmxKLdVO6O https://t.co/0W8qwfmY6K...

8.5CVSS5.8AI score0.00308EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/02/21 7:29 p.m.6 views

CVE-2026-24944

Missing Authorization vulnerability in weDevs Subscribe2 subscribe2 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Subscribe2: from n/a through = 10.44...

6.5CVSS5.5AI score0.0017EPSS
Exploits0References1
NVD
NVD
added 2026/02/20 4:22 p.m.10 views

CVE-2026-24944

Missing Authorization vulnerability in weDevs Subscribe2 subscribe2 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Subscribe2: from n/a through = 10.44...

6.5CVSS0.0017EPSS
Exploits0References1
CVE
CVE
added 2026/02/20 3:47 p.m.12 views

CVE-2026-24944

CVE-2026-24944 affects the WordPress Subscribe2 plugin up to version 10.44, describing a Missing Authorization/Broken Access Control vulnerability that allows exploitation of incorrectly configured access control security levels. Public sources (NVD, Red Hat, CVE/CVE-List, Patchstack) corroborate...

6.5CVSS5.5AI score0.0017EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/20 3:47 p.m.29 views

CVE-2026-24944 WordPress Subscribe2 plugin <= 10.44 - Broken Access Control vulnerability

Missing Authorization vulnerability in weDevs Subscribe2 subscribe2 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Subscribe2: from n/a through = 10.44...

6.5CVSS0.0017EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/20 3:47 p.m.4 views

CVE-2026-24944

Missing Authorization vulnerability in weDevs Subscribe2 subscribe2 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Subscribe2: from n/a through = 10.44...

6.5CVSS5.4AI score0.0017EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/20 12:0 a.m.5 views

PT-2026-21230

Name of the Vulnerable Software and Affected Versions weDevs Subscribe2 versions through 10.44 Description An authorization issue exists in weDevs Subscribe2, allowing exploitation of incorrectly configured access control security levels. Recommendations Update weDevs Subscribe2 to a version late...

6.5CVSS5.3AI score0.0017EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/09 9:28 a.m.10 views

CVE-2023-49860

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in weDevs WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts allows Stored XSS.This issue affects WP Project Manager – Task, team, and project...

6.5CVSS6.7AI score0.00385EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:27 a.m.13 views

CVE-2023-45765

Missing Authorization vulnerability in weDevs WP ERP erp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP ERP: from n/a through = 1.12.6...

4.3CVSS7.3AI score0.00303EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:27 a.m.15 views

CVE-2023-45002

Missing Authorization vulnerability in weDevs WP User Frontend allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP User Frontend: from n/a through 3.6.8...

4.3CVSS8AI score0.00306EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:24 a.m.8 views

CVE-2023-40003

Missing Authorization vulnerability in weDevs WP Project Manager wedevs-project-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Project Manager: from n/a through = 2.6.7...

9.8CVSS7.3AI score0.00479EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:6 a.m.10 views

CVE-2024-34442

Missing Authorization vulnerability in weDevs weDocs.This issue affects weDocs: from n/a through 2.1.4...

5.3CVSS6.9AI score0.00373EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/31 12:2 a.m.8 views

CVE-2025-68040

Insertion of Sensitive Information Into Sent Data vulnerability in weDevs WP Project Manager wedevs-project-manager allows Retrieve Embedded Sensitive Data.This issue affects WP Project Manager: from n/a through = 3.0.1...

6.5CVSS5.9AI score0.00223EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/30 12:32 a.m.5 views

EUVD-2025-205670

Insertion of Sensitive Information Into Sent Data vulnerability in weDevs WP Project Manager wedevs-project-manager allows Retrieve Embedded Sensitive Data.This issue affects WP Project Manager: from n/a through 3.0.1...

6.5CVSS6.4AI score0.00223EPSS
Exploits0References2
NVD
NVD
added 2025/12/30 12:15 a.m.4 views

CVE-2025-68040

Insertion of Sensitive Information Into Sent Data vulnerability in weDevs WP Project Manager wedevs-project-manager allows Retrieve Embedded Sensitive Data.This issue affects WP Project Manager: from n/a through = 3.0.1...

6.5CVSS0.00223EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/19 7:33 a.m.4 views

CVE-2025-67546

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in weDevs WP ERP erp allows Retrieve Embedded Sensitive Data.This issue affects WP ERP: from n/a through = 1.16.6...

6.5CVSS6.9AI score0.00217EPSS
Exploits0References1
Rows per page
Query Builder