Vulnerabilities > Smartypantsplugins > SP Project Document Manager > 4.33
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-09 | CVE-2024-37224 | Unspecified vulnerability in Smartypantsplugins SP Project & Document Manager Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in smartypants SP Project & Document Manager.This issue affects SP Project & Document Manager: from n/a through 4.71. | 6.5 |
| 2024-02-28 | CVE-2024-24868 | Unspecified vulnerability in Smartypantsplugins SP Project & Document Manager Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Smartypants SP Project & Document Manager.This issue affects SP Project & Document Manager: from n/a through 4.69. | 8.8 |
| 2023-11-03 | CVE-2023-36677 | Unspecified vulnerability in Smartypantsplugins SP Project & Document Manager Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Smartypants SP Project & Document Manager allows SQL Injection.This issue affects SP Project & Document Manager: from n/a through 4.67. | 8.8 |
| 2023-08-10 | CVE-2023-36530 | Unspecified vulnerability in Smartypantsplugins SP Project & Document Manager Auth. | 4.8 |
| 2022-08-22 | CVE-2022-34857 | Cross-site Scripting vulnerability in Smartypantsplugins SP Project & Document Manager Reflected Cross-Site Scripting (XSS) vulnerability in smartypants SP Project & Document Manager plugin <= 4.59 at WordPress | 6.1 |
| 2022-07-25 | CVE-2022-1551 | Forced Browsing vulnerability in Smartypantsplugins SP Project & Document Manager The SP Project & Document Manager WordPress plugin before 4.58 uses an easily guessable path to store user files, bad actors could use that to access other users' sensitive files. | 6.5 |