Vulnerabilities and security researches foractivedemand activedemand

Jun 06, 2024

CVE, Research URL: CVE-2024-35638
Home page URL: Security reports for ActiveDEMAND
Application: ActiveDEMAND
Date: Jun 03, 2024
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in JumpDEMAND Inc. ActiveDEMAND.This issue affects ActiveDEMAND: from n/a through 0.2.43.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2022-36296
Home page URL: Security reports for ActiveDEMAND
Application: ActiveDEMAND
Date: Aug 05, 2022
Research Description: Broken Authentication vulnerability in JumpDEMAND Inc. ActiveDEMAND plugin <= 0.2.27 at WordPress allows unauthenticated post update/create/delete.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2024-32809
Home page URL: Security reports for ActiveDEMAND
Application: ActiveDEMAND
Date: May 17, 2024
Research Description: Unrestricted Upload of File with Dangerous Type vulnerability in JumpDEMAND Inc. ActiveDEMAND allows Using Malicious Files.This issue affects ActiveDEMAND: from n/a through 0.2.41.
Affected versions: Min -, max -.
Status: vulnerable

Apr 18, 2025

CVE, Research URL: CVE-2025-39513
Home page URL: Security reports for ActiveDEMAND
Application: ActiveDEMAND
Date: Apr 16, 2025
Research Description: ActiveDEMAND [activedemand] <= 0.2.46 (unfixed) CVE-2025-39513 [en] Missing Authorization vulnerability in ActiveDEMAND Online Agency Marketing Automation ActiveDEMAND allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects ActiveDEMAND: from n/a through 0.2.46.
Affected versions: Min -, max -.
Status: vulnerable