6 matches found
EUVD-2026-40898
The Taskbuilder – Project Management & Task Management Tool With Kanban Board plugin for WordPress is vulnerable to generic SQL Injection via the 'wppmprojfilter' parameter in all versions up to, and including, 5.0.8 due to insufficient escaping on the user supplied parameter and lack of sufficie...
MINI-8W92-3CP9-WPPM
Bulletin has no description...
CVE-2024-11930
The Taskbuilder – WordPress Project & Task Management plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wppmtasks shortcode in all versions up to, and including, 3.0.6 due to insufficient input sanitization and output escaping on user supplied attributes...
PT-2025-1717 · WordPress · The Taskbuilder
Name of the Vulnerable Software and Affected Versions: The Taskbuilder – WordPress Project & Task Management plugin versions up to, and including, 3.0.6 Description: The issue is related to Stored Cross-Site Scripting via the plugin's wppm tasks shortcode due to insufficient input sanitization an...
WordPress Taskbuilder plugin <= 3.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via wppm_tasks Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via wppmtasks Shortcode vulnerability discovered by Peter Thaleikis in WordPress Plugin Taskbuilder versions = 3.0.6...
CVE-2014-4593
CVE-2014-4593 is a cross-site scripting (XSS) vulnerability in the WP Plugin Manager (WP Plugin Manager) plugin for WordPress, specifically in wp-plugins-net/index.php up to version 1.6.4.b. The flaw allows remote attackers to inject arbitrary web script or HTML via the filter parameter. Connecte...