CVE-2025-39395

CVE-2025-39395 affects the WordPress plugin WPAMS (Apartment Management System) versions n/a through 44.0 (17-08-2023). The issue is an SQL Injection due to improper neutralization of specific elements in SQL commands. CVSS 3.1/3.1 vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L, base score 9.3 (CRIT...

CVE-2025-39402

CVE-2025-39402 affects the WordPress plugin WPAMS (Apartment Management System) up to version 44.0. The issue is described as an Unrestricted Upload of File with Dangerous Type vulnerability that enables an attacker to upload a web shell to the web server. CVSS v3.1 metrics indicate a base score ...

CVE-2025-39405 WordPress WPAMS plugin <= 44.0 (17-08-2023) - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in mojoomla WPAMS apartment-management allows Privilege Escalation.This issue affects WPAMS: from n/a through = 44.0 17-08-2023...

WordPress WPAMS plugin <= 44.0 (17-08-2023) - SQL Injection vulnerability

SQL Injection vulnerability discovered by Jingle Bells in WordPress Plugin WPAMS versions = 44.0 17-08-2023...

WordPress WPAMS plugin <= 44.0 (17-08-2023) - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Jingle Bells in WordPress Plugin WPAMS versions = 44.0 17-08-2023...