Taskbuilder Project Management Task Management Tool With Kanban Board
Monthly
SQL injection in the Taskbuilder Project Management plugin for WordPress (versions ≤5.0.8) enables any authenticated user-including those with only subscriber-level access-to exfiltrate sensitive data from the WordPress database. The vulnerability exists in the `wppm_proj_filter` parameter handled by `wppm_view_project_tasks.php`, which lacks both proper SQL escaping and prepared statement usage. Compounding the risk, the `wp_ajax_wppm_view_project_tasks` AJAX handler performs no nonce verification, meaning the vulnerable code path is reachable by any authenticated WordPress session without additional preconditions. No public exploit has been identified at time of analysis, and this CVE is not listed in the CISA KEV catalog.
SQL Injection in the Taskbuilder Project Management & Task Management WordPress plugin (versions up to and including 5.0.8) allows any authenticated WordPress user with Subscriber-level access or higher to exfiltrate arbitrary data from the site's database. The root cause is dual: insufficient escaping of the 'task_search' parameter in the wppm_get_task_list AJAX handler combined with a complete absence of capability checks and nonce verification on that handler, meaning the attack surface is broader than typical subscriber-exploitable SQLi. No public exploit or active exploitation (CISA KEV) has been identified at time of analysis; however, the low privilege bar and straightforward injection vector make this a credible threat against any WordPress site running the affected plugin.
Time-based blind SQL injection in the Taskbuilder - Project Management & Task Management Tool With Kanban Board WordPress plugin (all versions through 5.0.6) enables authenticated attackers with Subscriber-level access or above to exfiltrate arbitrary data from the underlying database via the 'project_search' parameter. The vulnerability stems from unsanitized user input being passed into an unprepared SQL query, exposing confidential database contents including user credentials, configuration data, and application records. No public exploit code has been identified at time of analysis, EPSS probability is very low at 0.03%, and CISA has not added this to the Known Exploited Vulnerabilities catalog.
SQL injection in the Taskbuilder Project Management plugin for WordPress (versions ≤5.0.8) enables any authenticated user-including those with only subscriber-level access-to exfiltrate sensitive data from the WordPress database. The vulnerability exists in the `wppm_proj_filter` parameter handled by `wppm_view_project_tasks.php`, which lacks both proper SQL escaping and prepared statement usage. Compounding the risk, the `wp_ajax_wppm_view_project_tasks` AJAX handler performs no nonce verification, meaning the vulnerable code path is reachable by any authenticated WordPress session without additional preconditions. No public exploit has been identified at time of analysis, and this CVE is not listed in the CISA KEV catalog.
SQL Injection in the Taskbuilder Project Management & Task Management WordPress plugin (versions up to and including 5.0.8) allows any authenticated WordPress user with Subscriber-level access or higher to exfiltrate arbitrary data from the site's database. The root cause is dual: insufficient escaping of the 'task_search' parameter in the wppm_get_task_list AJAX handler combined with a complete absence of capability checks and nonce verification on that handler, meaning the attack surface is broader than typical subscriber-exploitable SQLi. No public exploit or active exploitation (CISA KEV) has been identified at time of analysis; however, the low privilege bar and straightforward injection vector make this a credible threat against any WordPress site running the affected plugin.
Time-based blind SQL injection in the Taskbuilder - Project Management & Task Management Tool With Kanban Board WordPress plugin (all versions through 5.0.6) enables authenticated attackers with Subscriber-level access or above to exfiltrate arbitrary data from the underlying database via the 'project_search' parameter. The vulnerability stems from unsanitized user input being passed into an unprepared SQL query, exposing confidential database contents including user credentials, configuration data, and application records. No public exploit code has been identified at time of analysis, EPSS probability is very low at 0.03%, and CISA has not added this to the Known Exploited Vulnerabilities catalog.