CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-2839

The Zephyr Project Manager WordPress plugin before 3.2.55 does not have any authorisation as well as CSRF in all its AJAX actions, allowing unauthenticated users to call them either directly or via CSRF attacks. Furthermore, due to the lack of sanitisation and escaping, it could also allow them to perform Stored Cross-Site Scripting attacks against logged in admins.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 38.7%

CVSS Severity

CVSS v3 Score 5.4

References

Products affected by CVE-2022-2839

Zephyr-One » Zephyr Project Manager » Version: N/A

cpe:2.3:a:zephyr-one:zephyr_project_manager:-
Zephyr-One » Zephyr Project Manager » Version: 2.79.0

cpe:2.3:a:zephyr-one:zephyr_project_manager:2.79.0
Zephyr-One » Zephyr Project Manager » Version: 2.8.0

cpe:2.3:a:zephyr-one:zephyr_project_manager:2.8.0
Zephyr-One » Zephyr Project Manager » Version: 2.81.0

cpe:2.3:a:zephyr-one:zephyr_project_manager:2.81.0
Zephyr-One » Zephyr Project Manager » Version: 2.82.0

cpe:2.3:a:zephyr-one:zephyr_project_manager:2.82.0
Zephyr-One » Zephyr Project Manager » Version: 2.83.0

cpe:2.3:a:zephyr-one:zephyr_project_manager:2.83.0
Zephyr-One » Zephyr Project Manager » Version: 2.84.0

cpe:2.3:a:zephyr-one:zephyr_project_manager:2.84.0
Zephyr-One » Zephyr Project Manager » Version: 2.85.0

cpe:2.3:a:zephyr-one:zephyr_project_manager:2.85.0
Zephyr-One » Zephyr Project Manager » Version: 2.86.0

cpe:2.3:a:zephyr-one:zephyr_project_manager:2.86.0
Zephyr-One » Zephyr Project Manager » Version: 2.87.0

cpe:2.3:a:zephyr-one:zephyr_project_manager:2.87.0
Zephyr-One » Zephyr Project Manager » Version: 2.88.0

cpe:2.3:a:zephyr-one:zephyr_project_manager:2.88.0
Zephyr-One » Zephyr Project Manager » Version: 2.89.0

cpe:2.3:a:zephyr-one:zephyr_project_manager:2.89.0
Zephyr-One » Zephyr Project Manager » Version: 2.90.0

cpe:2.3:a:zephyr-one:zephyr_project_manager:2.90.0
Zephyr-One » Zephyr Project Manager » Version: 2.91.0

cpe:2.3:a:zephyr-one:zephyr_project_manager:2.91.0
Zephyr-One » Zephyr Project Manager » Version: 2.92.0

cpe:2.3:a:zephyr-one:zephyr_project_manager:2.92.0
Zephyr-One » Zephyr Project Manager » Version: 2.93.0

cpe:2.3:a:zephyr-one:zephyr_project_manager:2.93.0
Zephyr-One » Zephyr Project Manager » Version: 2.94.0

cpe:2.3:a:zephyr-one:zephyr_project_manager:2.94.0
Zephyr-One » Zephyr Project Manager » Version: 2.95.0

cpe:2.3:a:zephyr-one:zephyr_project_manager:2.95.0
Zephyr-One » Zephyr Project Manager » Version: 3.0.0

cpe:2.3:a:zephyr-one:zephyr_project_manager:3.0.0
Zephyr-One » Zephyr Project Manager » Version: 3.0.1

cpe:2.3:a:zephyr-one:zephyr_project_manager:3.0.1
Zephyr-One » Zephyr Project Manager » Version: 3.2.0

cpe:2.3:a:zephyr-one:zephyr_project_manager:3.2.0
Zephyr-One » Zephyr Project Manager » Version: 3.2.01

cpe:2.3:a:zephyr-one:zephyr_project_manager:3.2.01
Zephyr-One » Zephyr Project Manager » Version: 3.2.1

cpe:2.3:a:zephyr-one:zephyr_project_manager:3.2.1
Zephyr-One » Zephyr Project Manager » Version: 3.2.31

cpe:2.3:a:zephyr-one:zephyr_project_manager:3.2.31
Zephyr-One » Zephyr Project Manager » Version: 3.2.41

cpe:2.3:a:zephyr-one:zephyr_project_manager:3.2.41
Zephyr-One » Zephyr Project Manager » Version: 3.2.42

cpe:2.3:a:zephyr-one:zephyr_project_manager:3.2.42
Zephyr-One » Zephyr Project Manager » Version: 3.2.5

cpe:2.3:a:zephyr-one:zephyr_project_manager:3.2.5
Zephyr-One » Zephyr Project Manager » Version: 3.2.52

cpe:2.3:a:zephyr-one:zephyr_project_manager:3.2.52
Zephyr-One » Zephyr Project Manager » Version: 3.2.53

cpe:2.3:a:zephyr-one:zephyr_project_manager:3.2.53
Zephyr-One » Zephyr Project Manager » Version: 3.2.54

cpe:2.3:a:zephyr-one:zephyr_project_manager:3.2.54

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-2839

Products

Pricing

Contact Us