Vulnerabilities > Wedevs
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-29 | CVE-2023-51676 | Unspecified vulnerability in Wedevs Happy Addons for Elementor Server-Side Request Forgery (SSRF) vulnerability in Leevio Happy Addons for Elementor.This issue affects Happy Addons for Elementor: from n/a through 3.9.1.1. | 6.5 |
| 2023-12-20 | CVE-2023-26525 | Unspecified vulnerability in Wedevs Dokan Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy.This issue affects Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy: from n/a through 3.7.12. | 8.1 |
| 2023-12-19 | CVE-2023-34382 | Unspecified vulnerability in Wedevs Dokan Deserialization of Untrusted Data vulnerability in weDevs Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy.This issue affects Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy: from n/a through 3.7.19. | 8.8 |
| 2023-12-14 | CVE-2023-49860 | Unspecified vulnerability in Wedevs WP Project Manager Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in weDevs WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts allows Stored XSS.This issue affects WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts: from n/a through 2.6.7. | 5.4 |
| 2023-11-03 | CVE-2023-34383 | SQL Injection vulnerability in Wedevs WP Project Manager Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs WP Project Manager wedevs-project-manager allows SQL Injection.This issue affects WP Project Manager: from n/a through 2.6.0. | 9.8 |
| 2023-09-27 | CVE-2023-41236 | Unspecified vulnerability in Wedevs Happy Addons for Elementor Unauth. | 6.1 |
| 2023-08-30 | CVE-2023-34008 | Cross-site Scripting vulnerability in Wedevs WP ERP Unauth. | 6.1 |
| 2023-07-10 | CVE-2023-28989 | Unspecified vulnerability in Wedevs Happy Addons for Elementor Cross-Site Request Forgery (CSRF) vulnerability in weDevs Happy Addons for Elementor plugin <= 3.8.2 versions. | 8.8 |
| 2023-07-01 | CVE-2020-36748 | Unspecified vulnerability in Wedevs Dokan The Dokan plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.0.8. | 4.3 |
| 2023-07-01 | CVE-2020-36745 | Unspecified vulnerability in Wedevs WP Project Manager The WP Project Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.4.0. | 8.8 |