Exploit for CVE-2025-39401

CVE-2025-39401 WordPress WPAMS Plugin = 44.0 17-08-2023...

CVE-2025-39392 WordPress WPAMS plugin <= 44.0 (17-08-2023) - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mojoomla WPAMS apartment-management allows Reflected XSS.This issue affects WPAMS: from n/a through = 44.0 17-08-2023...

CVE-2025-39395

CVE-2025-39395 affects the WordPress plugin WPAMS (Apartment Management System) versions n/a through 44.0 (17-08-2023). The issue is an SQL Injection due to improper neutralization of specific elements in SQL commands. CVSS 3.1/3.1 vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L, base score 9.3 (CRIT...

CVE-2025-39402

CVE-2025-39402 affects the WordPress plugin WPAMS (Apartment Management System) up to version 44.0. The issue is described as an Unrestricted Upload of File with Dangerous Type vulnerability that enables an attacker to upload a web shell to the web server. CVSS v3.1 metrics indicate a base score ...

CVE-2025-39405 WordPress WPAMS plugin <= 44.0 (17-08-2023) - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in mojoomla WPAMS apartment-management allows Privilege Escalation.This issue affects WPAMS: from n/a through = 44.0 17-08-2023...

CVE-2025-39406 WordPress WPAMS plugin <= 44.0 - Local File Inclusion to Privilege Escalation vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in mojoomla WPAMS apartment-management allows PHP Local File Inclusion.This issue affects WPAMS: from n/a through = 44.0...

PT-2025-17527 · Mojoomla · Wpams

Name of the Vulnerable Software and Affected Versions: WPAMS versions prior to 44.0 Description: The issue is related to an Incorrect Privilege Assignment vulnerability, which allows for Privilege Escalation. This vulnerability is associated with improper authentication in the WPAMS plugin on...

WordPress WPAMS plugin <= 44.0 (17-08-2023) - SQL Injection vulnerability

SQL Injection vulnerability discovered by Jingle Bells in WordPress Plugin WPAMS versions = 44.0 17-08-2023...

WordPress WPAMS plugin <= 44.0 (17-08-2023) - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Jingle Bells in WordPress Plugin WPAMS versions = 44.0 17-08-2023...

WordPress WPAMS Plugin - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: WPAMS - Apartment Management System for wordpress - SQL Injection Dork: N/A Date: 26.09.2017 Vendor Homepage: http://mojoomla.com/ Software Link: https://codecanyon.net/item/wpams-apartment-management-system-for-wordpress/159468...