CVE-2025-32648

CVE-2025-32648 : In Projectopia (WordPress Project Management), an "Incorrect Privilege Assignment" vulnerability enables Privilege Escalation in versions up to 5.1.16 (affected). Exploitation context/impact (per sources) indicates a Total impact with critical severity (CVSS 3.1: AV:N/AC:L/PR:N/U...

WordPress Projectopia plugin <= 5.1.23 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Martino Spagnuolo r3verii in WordPress Plugin Projectopia versions = 5.1.23...

CVE-2024-54336 WordPress Projectopia plugin <= 5.1.7 - Account Takeover vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in Projectopia Projectopia allows Authentication Bypass.This issue affects Projectopia: from n/a through 5.1.7...

CVE-2024-54336 WordPress Projectopia plugin <= 5.1.7 - Account Takeover vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in Projectopia Projectopia projectopia-core allows Authentication Bypass.This issue affects Projectopia: from n/a through = 5.1.7...

WordPress Projectopia Plugin <= 5.1.4 is vulnerable to Cross Site Scripting (XSS)

Software Projectopia Type Plugin Vulnerable versions = 5.1.4 Fixed in 5.1.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a7e5ac668596 Credits Rafie Muhammad Patchstack Required...