Dylan James Zephyr Project Manager vulnerabilities
10 known vulnerabilities affecting dylan_james/zephyr_project_manager.
Total CVEs
10
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH5MEDIUM4
Vulnerabilities
Page 1 of 1
CVE-2024-37484P3HIGHCVSS 8.8≥ n/a, ≤ 3.3.972024-07-09
CVE-2024-37484 [HIGH] CWE-269 CVE-2024-37484: Improper Privilege Management vulnerability in Dylan James Zephyr Project Manager allows Privilege E
Improper Privilege Management vulnerability in Dylan James Zephyr Project Manager allows Privilege Escalation.This issue affects Zephyr Project Manager: from n/a through 3.3.97.
nvd
CVE-2024-43322P3CRITICALCVSS 9.8≥ n/a, ≤ 3.3.1002024-08-18
CVE-2024-43322 [CRITICAL] CWE-639 CVE-2024-43322: Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project Manager
Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.100.
nvd
CVE-2024-38761P3HIGHCVSS 7.5≥ n/a, ≤ 3.3.992024-08-01
CVE-2024-38761 [HIGH] CWE-200 CVE-2024-38761: Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Dylan James Zephyr Proje
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.99.
nvd
CVE-2025-54714P3HIGHCVSS 7.1≤ 3.3.2012025-08-28
CVE-2025-54714 [HIGH] CWE-862 CVE-2025-54714: Missing Authorization vulnerability in Dylan James Zephyr Project Manager zephyr-project-manager all
Missing Authorization vulnerability in Dylan James Zephyr Project Manager zephyr-project-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zephyr Project Manager: from n/a through <= 3.3.201.
nvd
CVE-2024-43916P3HIGHCVSS 7.1≥ n/a, ≤ 3.3.1022024-08-26
CVE-2024-43916 [HIGH] CWE-639 CVE-2024-43916: Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project Manager
Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.102.
nvd
CVE-2023-34373P4HIGHCVSS 8.8≥ n/a, ≤ 3.3.932023-06-19
CVE-2023-34373 [HIGH] CWE-352 CVE-2023-34373: Cross-Site Request Forgery (CSRF) vulnerability in Dylan James Zephyr Project Manager plugin <= 3.3.
Cross-Site Request Forgery (CSRF) vulnerability in Dylan James Zephyr Project Manager plugin <= 3.3.93 versions.
nvd
CVE-2025-39552P4MEDIUMCVSS 5.4≤ 3.3.2002025-04-16
CVE-2025-39552 [MEDIUM] CWE-862 CVE-2025-39552: Missing Authorization vulnerability in Dylan James Zephyr Project Manager zephyr-project-manager all
Missing Authorization vulnerability in Dylan James Zephyr Project Manager zephyr-project-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zephyr Project Manager: from n/a through <= 3.3.200.
nvd
CVE-2023-31237P4MEDIUMCVSS 6.1≥ n/a, ≤ 3.3.92023-12-29
CVE-2023-31237 [MEDIUM] CWE-601 CVE-2023-31237: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Dylan James Zephyr Project Mana
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.9.
nvd
CVE-2025-32526P4MEDIUMCVSS 6.1≤ 3.3.1012025-04-17
CVE-2025-32526 [MEDIUM] CWE-79 CVE-2025-32526: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dylan James Zephyr Project Manager zephyr-project-manager allows Reflected XSS.This issue affects Zephyr Project Manager: from n/a through <= 3.3.101.
nvd
CVE-2024-43915P4MEDIUMCVSS 5.4≥ n/a, ≤ .3.1022024-08-26
CVE-2024-43915 [MEDIUM] CWE-79 CVE-2024-43915: Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerab
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dylan James Zephyr Project Manager allows Reflected XSS.This issue affects Zephyr Project Manager: from n/a through .3.102.
nvd