Vulnerabilities and security researches forwp-crm-system wp-crm-system

Jun 07, 2024

CVE, Research URL: CVE-2024-30434
Home page URL: Security reports for WordPress CRM Plugin – WP-CRM System
Application: WordPress CRM Plugin – WP-CRM System
Date: Mar 29, 2024
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP-CRM System allows Stored XSS.This issue affects WP-CRM System: from n/a through 3.2.9.
Affected versions: Min -, max -.
Status: vulnerable

Dec 21, 2024

CVE, Research URL: CVE-2024-55991
Home page URL: Security reports for WordPress CRM Plugin – WP-CRM System
Application: WordPress CRM Plugin – WP-CRM System
Date: Dec 31, 2024
Research Description: Missing Authorization vulnerability in WP-CRM WP-CRM System allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-CRM System: from n/a through 3.2.9.1.
Affected versions: Min -, max -.
Status: vulnerable

May 09, 2025

CVE, Research URL: CVE-2025-47629
Home page URL: Security reports for WordPress CRM Plugin – WP-CRM System
Application: WordPress CRM Plugin – WP-CRM System
Date: May 07, 2025
Research Description: Deserialization of Untrusted Data vulnerability in Mario Peshev WP-CRM System allows Object Injection. This issue affects WP-CRM System: from n/a through 3.4.1.
Affected versions: Min -, max -.
Status: vulnerable