cleantalk
Vulnerabilities and Security Researches

WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts, CVE-2025-22649

CVE, Research URL

CVE-2025-22649

Home page URL

Security reports for WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts

Application

WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts

Published on
Mar 27, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in weDevs WP Project Manager wedevs-project-manager allows Stored XSS.This issue affects WP Project Manager: from n/a through 2.6.22.
Affected versions
Min -, max 2.6.21.
Status
vulnerable
Previous vulnerability researches
WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts (CVE-2023-40003) , Jun 10, 2024
WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts (CVE-2024-10174) , Nov 13, 2024
WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts (CVE-2023-3636) , Jun 07, 2024
WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts (CVE-2024-13752) , Feb 17, 2025
WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts (CVE-2020-36745) , Jun 07, 2024
New vulnerability
AAWP Obfuscator (CVE-2025-3432) , Apr 09, 2025
coreActivity: Activity Logging plugin for WordPress (CVE-2025-3436) , Apr 09, 2025
Easy Contact (CVE-2025-30970) , Apr 08, 2025
DyaPress ERP/CRM (CVE-2025-30582) , Apr 08, 2025
Broken Link Checker by AIOSEO – Easily Fix/Monitor Internal and External links (CVE-2025-1264) , Apr 07, 2025