Vulnerabilities in smartypants
12 resultsCVE-2021-38315MEDIUMSP Project & Document Manager <= 4.25 Reflected Cross-Site ScriptingEPSS 0.9%CVE-2023-3063HIGHSP Project & Document Manager <= 4.67 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary User Password ChangeEPSS 0.6%CVE-2023-36677HIGHWordPress SP Project & Document Manager Plugin <= 4.67 is vulnerable to SQL InjectionEPSS 0.6%CVE-2024-37224HIGHWordPress SP Project & Document Manager plugin <= 4.71 - Directory Traversal vulnerabilityEPSS 0.6%CVE-2024-24868HIGHWordPress SP Project & Document Manager Plugin <= 4.69 is vulnerable to SQL InjectionEPSS 0.5%CVE-2022-34857MEDIUMWordPress SP Project & Document Manager plugin <= 4.59 - Reflected Cross-Site Scripting (XSS) vulnerabilityEPSS 0.5%CVE-2024-32551HIGHWordPress SP Project & Document Manage plugin <= 4.71 - Auth. SQL Injection vulnerabilityEPSS 0.5%CVE-2024-1693MEDIUMSP Project & Document Manager <= 4.70 - Authenticated (Subscriber+) Arbitrary Folder Name UpdateEPSS 0.4%CVE-2024-33923MEDIUMWordPress SP Project & Document Manager plugin <= 4.69 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-36530MEDIUMWordPress SP Project & Document Manager Plugin <= 4.67 is vulnerable to Cross Site Scripting (XSS)EPSS 0.3%CVE-2026-10737HIGHSP Project & Document Manager <= 4.71 - Missing Authorization to Unauthenticated Arbitrary File Information Disclosure via view_file() FunctionEPSS 0.3%CVE-2024-31118MEDIUMWordPress SP Project & Document Manager plugin <= 4.70 - Broken Access Control to XSS vulnerabilityEPSS 0.2%