WordPress Zephyr Project Manager Vulnerabilities

Wordpress Zephyr Project Manager vulnerabilities.

JSON RSS CSV 🔔 Create Alert Trigger

26 September 2025

Stored Cross-Site Scripting in Zephyr Project Manager for WordPress
CVE-2025-10490
WordPressZephyr Project Manager4.4MEDIUM

28 August 2025

Missing Authorization Vulnerability in Zephyr Project Manager by Dylan James
CVE-2025-54714
WordPressZephyr Project Manager7.1HIGH

26 August 2024

Improper Neutralization of Input During Web Page Generation (XSS)
CVE-2024-43915
WordPressZephyr Project Manager5.4MEDIUM

15 August 2024

Limited Privilege Escalation Vulnerability in Zephyr Project Manager for WordPress
CVE-2024-7624
WordpressZephyr Project Manager8.1HIGH

3 August 2024

Stored Cross-Site Scripting Vulnerability in Zephyr Project Manager Plugin
CVE-2024-7356
WordpressZephyr Project Manager5.4MEDIUM

29 December 2023

WordPress Zephyr Project Manager Plugin <= 3.3.9 is vulnerable to Open Redirection
CVE-2023-31237
WordPressZephyr Project Manager4.7MEDIUM

19 June 2023

WordPress Zephyr Project Manager Plugin <= 3.3.93 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-34373
WordPressZephyr Project Manager5.4MEDIUM

3 October 2022

Zephyr Project Manager < 3.2.55 - Unauthorised AJAX Calls To Stored XSS
CVE-2022-2839
WordpressZephyr Project Manager5.4MEDIUM

19 September 2022

Zephyr Project Manager < 3.2.5 - Multiple Unauthenticated SQLi
CVE-2022-2840
WordpressZephyr Project Manager9.8CRITICAL