cbcvebase.

Dylan James Zephyr Project Manager vulnerabilities

10 known vulnerabilities affecting dylan_james/zephyr_project_manager.

Total CVEs
10
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH5MEDIUM4

Vulnerabilities

Page 1 of 1
CVE-2024-37484P3HIGHCVSS 8.8≥ n/a, ≤ 3.3.972024-07-09
CVE-2024-37484 [HIGH] CWE-269 CVE-2024-37484: Improper Privilege Management vulnerability in Dylan James Zephyr Project Manager allows Privilege E Improper Privilege Management vulnerability in Dylan James Zephyr Project Manager allows Privilege Escalation.This issue affects Zephyr Project Manager: from n/a through 3.3.97.
nvd
CVE-2024-43322P3CRITICALCVSS 9.8≥ n/a, ≤ 3.3.1002024-08-18
CVE-2024-43322 [CRITICAL] CWE-639 CVE-2024-43322: Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project Manager Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.100.
nvd
CVE-2024-38761P3HIGHCVSS 7.5≥ n/a, ≤ 3.3.992024-08-01
CVE-2024-38761 [HIGH] CWE-200 CVE-2024-38761: Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Dylan James Zephyr Proje Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.99.
nvd
CVE-2025-54714P3HIGHCVSS 7.1≤ 3.3.2012025-08-28
CVE-2025-54714 [HIGH] CWE-862 CVE-2025-54714: Missing Authorization vulnerability in Dylan James Zephyr Project Manager zephyr-project-manager all Missing Authorization vulnerability in Dylan James Zephyr Project Manager zephyr-project-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zephyr Project Manager: from n/a through <= 3.3.201.
nvd
CVE-2024-43916P3HIGHCVSS 7.1≥ n/a, ≤ 3.3.1022024-08-26
CVE-2024-43916 [HIGH] CWE-639 CVE-2024-43916: Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project Manager Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.102.
nvd
CVE-2023-34373P4HIGHCVSS 8.8≥ n/a, ≤ 3.3.932023-06-19
CVE-2023-34373 [HIGH] CWE-352 CVE-2023-34373: Cross-Site Request Forgery (CSRF) vulnerability in Dylan James Zephyr Project Manager plugin <= 3.3. Cross-Site Request Forgery (CSRF) vulnerability in Dylan James Zephyr Project Manager plugin <= 3.3.93 versions.
nvd
CVE-2025-39552P4MEDIUMCVSS 5.4≤ 3.3.2002025-04-16
CVE-2025-39552 [MEDIUM] CWE-862 CVE-2025-39552: Missing Authorization vulnerability in Dylan James Zephyr Project Manager zephyr-project-manager all Missing Authorization vulnerability in Dylan James Zephyr Project Manager zephyr-project-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zephyr Project Manager: from n/a through <= 3.3.200.
nvd
CVE-2023-31237P4MEDIUMCVSS 6.1≥ n/a, ≤ 3.3.92023-12-29
CVE-2023-31237 [MEDIUM] CWE-601 CVE-2023-31237: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Dylan James Zephyr Project Mana URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.9.
nvd
CVE-2025-32526P4MEDIUMCVSS 6.1≤ 3.3.1012025-04-17
CVE-2025-32526 [MEDIUM] CWE-79 CVE-2025-32526: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dylan James Zephyr Project Manager zephyr-project-manager allows Reflected XSS.This issue affects Zephyr Project Manager: from n/a through <= 3.3.101.
nvd
CVE-2024-43915P4MEDIUMCVSS 5.4≥ n/a, ≤ .3.1022024-08-26
CVE-2024-43915 [MEDIUM] CWE-79 CVE-2024-43915: Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerab Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dylan James Zephyr Project Manager allows Reflected XSS.This issue affects Zephyr Project Manager: from n/a through .3.102.
nvd
Dylan James Zephyr Project Manager vulnerabilities | cvebase