171 matches found
CVE-2025-39377
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in weDevs Appsero Helper appsero-helper allows SQL Injection.This issue affects Appsero Helper: from n/a through = 1.3.4...
CVE-2025-39377
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in weDevs Appsero Helper appsero-helper allows SQL Injection.This issue affects Appsero Helper: from n/a through = 1.3.4...
CVE-2025-39377
CVE-2025-39377 – WordPress Appsero Helper plugin
PT-2025-17743 · Wedevs · Wedevs Appsero Helper
Name of the Vulnerable Software and Affected Versions: weDevs Appsero Helper versions n/a through 1.3.4 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...
CVE-2025-32280
Cross-Site Request Forgery CSRF vulnerability in weDevs WP Project Manager wedevs-project-manager allows Cross Site Request Forgery.This issue affects WP Project Manager: from n/a through 2.6.25...
CVE-2025-32280
Cross-Site Request Forgery CSRF vulnerability in weDevs WP Project Manager wedevs-project-manager allows Cross Site Request Forgery.This issue affects WP Project Manager: from n/a through 2.6.25...
CVE-2025-32280 WordPress WP Project Manager plugin < 2.6.25 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in weDevs WP Project Manager wedevs-project-manager allows Cross Site Request Forgery.This issue affects WP Project Manager: from n/a through 2.6.25...
PT-2025-15032 · Wedevs · Wedevs Wp Project Manager
Name of the Vulnerable Software and Affected Versions: weDevs WP Project Manager versions prior to 2.6.23 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's account. Recommendations: For weDevs WP Project...
CVE-2025-22649
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in weDevs WP Project Manager wedevs-project-manager allows Stored XSS.This issue affects WP Project Manager: from n/a through = 2.6.22...
CVE-2025-30896
Missing Authorization vulnerability in weDevs WP ERP erp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP ERP: from n/a through = 1.13.4...
CVE-2025-22649
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in weDevs WP Project Manager wedevs-project-manager allows Stored XSS.This issue affects WP Project Manager: from n/a through 2.6.22...
CVE-2025-22649
CVE-2025-22649 refers to a stored XSS in the WordPress WP Project Manager plugin (versions
CVE-2025-30896
Missing Authorization vulnerability in weDevs WP ERP erp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP ERP: from n/a through = 1.13.4...
CVE-2025-30896 WordPress WP ERP plugin <= 1.13.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in weDevs WP ERP erp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP ERP: from n/a through = 1.13.4...
CVE-2025-30896
CVE-2025-30896 is a Missing Authorization vulnerability in the WP ERP WordPress plugin. It affects WP ERP versions up to 1.13.4 (from n/a through 1.13.4) and arises from incorrectly configured access control security levels. The CVSS 3.1 base score is 5.4 (Medium). No exploitation details, affect...
PT-2025-13234 · Wedevs · Wedevs Wp Project Manager
Name of the Vulnerable Software and Affected Versions: weDevs WP Project Manager versions through 2.6.22 Description: The issue is related to improper neutralization of input during web page generation, which allows for Stored Cross-site Scripting XSS. This means an attacker can inject malicious...
CVE-2024-43238
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in weDevs weMail wemail allows DOM-Based XSS.This issue affects weMail: from n/a through = 1.14.5...
CVE-2024-21747
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in weDevs WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting.This issue affects WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CR...
CVE-2024-38693
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in weDevs WP User Frontend allows SQL Injection.This issue affects WP User Frontend: from n/a through 4.0.7...
CVE-2023-45765
Missing Authorization vulnerability in weDevs WP ERP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP ERP: from n/a through 1.12.6...