cleantalk
Vulnerabilities and Security Researches

SP Project & Document Manager, CVE-2023-36530

CVE, Research URL

CVE-2023-36530

Home page URL

Security reports for SP Project & Document Manager

Application

SP Project & Document Manager

Published on
Aug 10, 2023
Research Description
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Smartypants SP Project & Document Manager plugin <= 4.67 versions.
Affected versions
max 4.68.
Status
vulnerable
Previous vulnerability researches
SP Project &amp; Document Manager (CVE-2022-34857) , Jun 07, 2024
SP Project &amp; Document Manager (CVE-2021-38315) , Jun 07, 2024
SP Project &amp; Document Manager (CVE-2021-4225) , Jun 07, 2024
SP Project &amp; Document Manager (CVE-2021-24347) , Jun 07, 2024
SP Project &amp; Document Manager (CVE-2014-9178) , Jun 07, 2024
New vulnerability
SP Project &amp; Document Manager (CVE-2026-10737) , Jun 05, 2026
EmergencyWP &#8211; Dead Man&#039;s switch &amp; legacy deliverance (CVE-2026-9732) , Jun 04, 2026
Event Manager and Tickets Selling Plugin for WooCommerce &#8211; WpEvently &#8211; WordPress Plugin (CVE-2026-45441) , Jun 04, 2026
Job Manager and Recruitment Board for Employers and Candidates &#8211; Crew HRM (CVE-2026-27351) , Jun 04, 2026
CloudSecure WP Security (CVE-2026-42411) , Jun 04, 2026