zephyr one zephyr project manager

15 known vulnerabilities across versions
Vulnerabilities are listed by affected version.

| CVE | Affected versions | Description | Score | Severity |
| --- | --- | --- | --- | --- |
| CVE-2025-32526 | <= 3.3.102 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dylan James Zephyr Project M | 7.1 | HIGH |
| CVE-2024-43916 | < 3.3.103 | Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project Manager. This issue affects Zephyr Pro | 4.3 | MEDIUM |
| CVE-2024-43915 | < 3.3.103 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dylan James Zephyr Pr | 5.5 | MEDIUM |
| CVE-2024-43322 | < 3.3.101 | Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project Manager. This issue affects Zephyr Pro | 5.4 | MEDIUM |
| CVE-2024-7624 | < 3.3.102 | The Zephyr Project Manager plugin for WordPress is vulnerable to limited privilege escalation in all versions up to, and including | 8.1 | HIGH |
| CVE-2024-7356 | < 3.3.101 | The Zephyr Project Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘filename’ parameter in a | 6.4 | MEDIUM |
| CVE-2024-38761 | < 3.3.100 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Dylan James Zephyr Project Manager. This issue affects | 7.5 | HIGH |
| CVE-2024-6536 | < 3.3.99 | The Zephyr Project Manager WordPress plugin before 3.3.99 does not sanitise and escape some of its settings, which could allow hig | 5.4 | MEDIUM |
| CVE-2024-37484 | < 3.3.99 | Improper Privilege Management vulnerability in Dylan James Zephyr Project Manager allows Privilege Escalation. This issue affects Z | 8.8 | HIGH |
| CVE-2023-31237 | < 3.3.91 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Dylan James Zephyr Project Manager. This issue affects Zephyr | 4.7 | MEDIUM |
| CVE-2023-34373 | <= 3.3.93 | Cross-Site Request Forgery (CSRF) vulnerability in Dylan James Zephyr Project Manager plugin <= 3.3.93 versions. | 5.4 | MEDIUM |
| CVE-2022-2839 | < 3.2.55 | The Zephyr Project Manager WordPress plugin before 3.2.55 does not have any authorisation as well as CSRF in all its AJAX actions, | 5.4 | MEDIUM |
| CVE-2022-3333 | < 3.2.5 | A vulnerability, which was classified as problematic, was found in Zephyr Project Manager up to 3.2.4. Affected is an unknown func | 3.5 | LOW |
| CVE-2022-2840 | < 3.2.5 | The Zephyr Project Manager WordPress plugin before 3.2.5 does not sanitise and escape various parameters before using them in SQL | 9.8 | CRITICAL |
| CVE-2022-1822 | < 3.2.41 | The Zephyr Project Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘project’ parameter in | 6.1 | MEDIUM |

threatengine.sh