Lucene search
K

171 matches found

RedhatCVE
RedhatCVE
added 2025/04/26 5:5 p.m.13 views

CVE-2025-39377

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in weDevs Appsero Helper appsero-helper allows SQL Injection.This issue affects Appsero Helper: from n/a through = 1.3.4...

8.5CVSS7.3AI score0.00267EPSS
Exploits0References1
NVD
NVD
added 2025/04/24 4:15 p.m.5 views

CVE-2025-39377

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in weDevs Appsero Helper appsero-helper allows SQL Injection.This issue affects Appsero Helper: from n/a through = 1.3.4...

8.5CVSS0.00267EPSS
Exploits0References1
CVE
CVE
added 2025/04/24 4:8 p.m.47 views

CVE-2025-39377

CVE-2025-39377 – WordPress Appsero Helper plugin

8.5CVSS7.3AI score0.00267EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/24 12:0 a.m.4 views

PT-2025-17743 · Wedevs · Wedevs Appsero Helper

Name of the Vulnerable Software and Affected Versions: weDevs Appsero Helper versions n/a through 1.3.4 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...

8.5CVSS9.2AI score0.00267EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/04/06 4:56 p.m.16 views

CVE-2025-32280

Cross-Site Request Forgery CSRF vulnerability in weDevs WP Project Manager wedevs-project-manager allows Cross Site Request Forgery.This issue affects WP Project Manager: from n/a through 2.6.25...

8.8CVSS7.2AI score0.00159EPSS
Exploits0References1
NVD
NVD
added 2025/04/04 4:15 p.m.12 views

CVE-2025-32280

Cross-Site Request Forgery CSRF vulnerability in weDevs WP Project Manager wedevs-project-manager allows Cross Site Request Forgery.This issue affects WP Project Manager: from n/a through 2.6.25...

8.8CVSS0.00159EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/04 3:59 p.m.25 views

CVE-2025-32280 WordPress WP Project Manager plugin < 2.6.25 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in weDevs WP Project Manager wedevs-project-manager allows Cross Site Request Forgery.This issue affects WP Project Manager: from n/a through 2.6.25...

4.3CVSS0.00159EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/04 12:0 a.m.6 views

PT-2025-15032 · Wedevs · Wedevs Wp Project Manager

Name of the Vulnerable Software and Affected Versions: weDevs WP Project Manager versions prior to 2.6.23 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's account. Recommendations: For weDevs WP Project...

8.8CVSS9AI score0.00159EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/03/29 3:22 p.m.32 views

CVE-2025-22649

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in weDevs WP Project Manager wedevs-project-manager allows Stored XSS.This issue affects WP Project Manager: from n/a through = 2.6.22...

5.9CVSS7.2AI score0.0025EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/29 12:12 p.m.16 views

CVE-2025-30896

Missing Authorization vulnerability in weDevs WP ERP erp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP ERP: from n/a through = 1.13.4...

5.4CVSS7.2AI score0.00344EPSS
Exploits0References1
OSV
OSV
added 2025/03/27 3:15 p.m.4 views

CVE-2025-22649

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in weDevs WP Project Manager wedevs-project-manager allows Stored XSS.This issue affects WP Project Manager: from n/a through 2.6.22...

4.8CVSS7.3AI score0.0025EPSS
Exploits0References1
CVE
CVE
added 2025/03/27 3:5 p.m.59 views

CVE-2025-22649

CVE-2025-22649 refers to a stored XSS in the WordPress WP Project Manager plugin (versions

5.9CVSS7.2AI score0.0025EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2025/03/27 11:15 a.m.20 views

CVE-2025-30896

Missing Authorization vulnerability in weDevs WP ERP erp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP ERP: from n/a through = 1.13.4...

5.4CVSS0.00344EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/27 10:55 a.m.23 views

CVE-2025-30896 WordPress WP ERP plugin <= 1.13.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in weDevs WP ERP erp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP ERP: from n/a through = 1.13.4...

5.4CVSS0.00344EPSS
Exploits0References1
CVE
CVE
added 2025/03/27 10:55 a.m.59 views

CVE-2025-30896

CVE-2025-30896 is a Missing Authorization vulnerability in the WP ERP WordPress plugin. It affects WP ERP versions up to 1.13.4 (from n/a through 1.13.4) and arises from incorrectly configured access control security levels. The CVSS 3.1 base score is 5.4 (Medium). No exploitation details, affect...

5.4CVSS7.2AI score0.00344EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/03/27 12:0 a.m.10 views

PT-2025-13234 · Wedevs · Wedevs Wp Project Manager

Name of the Vulnerable Software and Affected Versions: weDevs WP Project Manager versions through 2.6.22 Description: The issue is related to improper neutralization of input during web page generation, which allows for Stored Cross-site Scripting XSS. This means an attacker can inject malicious...

5.9CVSS8.7AI score0.0025EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/02/05 12:34 p.m.10 views

CVE-2024-43238

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in weDevs weMail wemail allows DOM-Based XSS.This issue affects weMail: from n/a through = 1.14.5...

7.1CVSS5.9AI score0.0029EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 11:5 a.m.20 views

CVE-2024-21747

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in weDevs WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting.This issue affects WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CR...

7.6CVSS6.9AI score0.00581EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 8:59 a.m.16 views

CVE-2024-38693

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in weDevs WP User Frontend allows SQL Injection.This issue affects WP User Frontend: from n/a through 4.0.7...

7.6CVSS7.7AI score0.00438EPSS
Exploits0
OSV
OSV
added 2025/01/02 12:15 p.m.5 views

CVE-2023-45765

Missing Authorization vulnerability in weDevs WP ERP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP ERP: from n/a through 1.12.6...

4.3CVSS6.7AI score
Exploits0References1
Rows per page
Query Builder