Vulnerabilities and security researches forrevision-manager-tmc revision-manager-tmc

Feb 27, 2026

CVE, Research URL: CVE-2026-25411
Home page URL: Security reports for Revision Manager TMC
Application: Revision Manager TMC
Date: Feb 19, 2026
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in themastercut Revision Manager TMC revision-manager-tmc allows Cross Site Request Forgery.This issue affects Revision Manager TMC: from n/a through <= 2.8.22.
Affected versions: max 2.8.22.
Status: vulnerable

Sep 07, 2024

CVE, Research URL: CVE-2024-7622
Home page URL: Security reports for Revision Manager TMC
Application: Revision Manager TMC
Date: Sep 06, 2024
Research Description: The Revision Manager TMC plugin for WordPress is vulnerable to unauthorized arbitrary email sending due to a missing capability check on the _a_ajaxQuickEmailTestCallback() function in all versions up to, and including, 2.8.19. This makes it possible for authenticated attackers, with subscriber-level access and above, to send emails with arbitrary content to any individual through the vulnerable web server.
Affected versions: max 2.8.20.
Status: vulnerable

Jun 06, 2024