Every CVE whose affected-product data names Wedevs Wp Erp, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (16)
CVE-2024-6666 — CVSS 8.8 (high): The WP ERP plugin for WordPress is vulnerable to SQL Injection via the ‘vendor_id’ and 'status' parameter in all versions up to, and…
CVE-2024-21747 — CVSS 7.6 (high): Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs WP ERP | Complete HR solution…
CVE-2024-12812 — CVSS 7.5 (high): The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting WordPress plugin before 1.13.4 is affected…
CVE-2024-0952 — CVSS 7.2 (high): The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting plugin for WordPress is vulnerable to…
CVE-2023-2744 — CVSS 7.2 (high): The ERP WordPress plugin before 1.12.4 does not properly sanitise and escape the `type` parameter in the `erp/v1/accounting/v1/people` REST…
CVE-2024-0609 — CVSS 7.2 (high): The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting plugin for WordPress is vulnerable to…
CVE-2024-0913 — CVSS 7.2 (high): The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting plugin for WordPress is vulnerable to…
CVE-2024-1173 — CVSS 7.2 (high): The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting plugin for WordPress is vulnerable to…
CVE-2024-47640 — CVSS 7.1 (high): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in weDevs WP ERP erp allows Reflected…
CVE-2024-0608 — CVSS 6.5 (medium): The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting plugin for WordPress is vulnerable to…
CVE-2023-2743 — CVSS 6.1 (medium): The ERP WordPress plugin before 1.12.4 does not sanitise and escape the employee_name parameter before outputting it back in the page…
CVE-2024-0956 — CVSS 4.9 (medium): The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting plugin for WordPress is vulnerable to…
CVE-2024-12808 — CVSS 4.8 (medium): The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting WordPress plugin before 1.13.4 does not…