Unknown Wp-Pmanager vulnerabilities
3 known vulnerabilities affecting unknown/wp-pmanager.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2025-2247MEDIUMCVSS 5.4≤ 1.22025-05-15
CVE-2025-2247 [MEDIUM] CWE-352 CVE-2025-2247: The WP-PManager WordPress plugin through 1.2 does not have CSRF check in place when updating its set
The WP-PManager WordPress plugin through 1.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
cvelistv5nvd
CVE-2025-2248MEDIUMCVSS 5.4≤ 1.22025-05-15
CVE-2025-2248 [MEDIUM] CWE-89 CVE-2025-2248: The WP-PManager WordPress plugin through 1.2 does not sanitize and escape a parameter before using i
The WP-PManager WordPress plugin through 1.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks
cvelistv5nvd
CVE-2024-13875HIGHCVSS 7.1≤ 1.22025-03-20
CVE-2024-13875 [HIGH] CWE-79 CVE-2024-13875: The WP-PManager WordPress plugin through 1.2 does not sanitise and escape a parameter before outputt
The WP-PManager WordPress plugin through 1.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
cvelistv5nvd