WordPress Task Manager plugin <= 3.0.2 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via 'task_id' Parameter vulnerability

Authenticated Subscriber+ Arbitrary Shortcode Execution via 'taskid' Parameter vulnerability discovered by theviper17y in WordPress Plugin Task Manager versions = 3.0.2...

WordPress Task Manager plugin <= 3.0.2 - Authenticated (Subscriber+) Arbitrary File Read vulnerability

Authenticated Subscriber+ Arbitrary File Read vulnerability discovered by theviper17y in WordPress Plugin Task Manager versions = 3.0.2...

EUVD-2026-14150

The Task Manager plugin for WordPress is vulnerable to arbitrary shortcode execution via the 'search' AJAX action in all versions up to, and including, 3.0.2. This is due to missing capability checks in the callbacksearch function and insufficient input validation that allows shortcode syntax...

CVE-2026-4004

CVE-2026-4004 affects the WordPress Task Manager plugin up to version 3.0.2. The vulnerability stems from missing capability checks in the callback_search() function and insufficient input validation that lets shortcode syntax (square brackets) pass through sanitize_text_field() and be concatenat...

CVE-2026-2351

The Task Manager plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 3.0.2 via the callbackgettextfromurl function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on th...

CVE-2025-60078 WordPress Task Manager plugin <= 3.0.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Agence web Eoxia – Montpellier Task Manager task-manager allows PHP Local File Inclusion.This issue affects Task Manager: from n/a through = 3.0.2...

CVE-2025-60078 WordPress Task Manager plugin <= 3.0.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Agence web Eoxia – Montpellier Task Manager task-manager allows PHP Local File Inclusion.This issue affects Task Manager: from n/a through = 3.0.2...

WordPress plugin Task Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

WordPress Task Manager plugin <= 3.0.2 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Task Manager versions = 3.0.2...

WordPress Task Manager Pro plugin <=1.3.1 - Multiple Authenticated Cross-Site Scripting (XSS) vulnerabilities

Multiple Authenticated Cross-Site Scripting XSS vulnerabilities found in WordPress Task Manager Pro premium plugin version 1.3.1 and earlier versions by 8bitsec. Solution 2017.07.29 - We were unable to find information about patched release of WordPress Task Manager Pro plugin. The last record on...