Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Taskbuilder – WordPress Project & Task Management plugin 3.0.6

  • Severity: medium-risk
  • Status: Fixed
  • Publication: January 3, 2025

The Taskbuilder plugin for WordPress, which helps manage projects and tasks, has a security issue that allows for Stored Cross-Site Scripting. This means that attackers who are logged in and have a certain level of access can insert harmful code into pages that will run when someone views that page. This vulnerability exists in all versions up to 3.0.6 and is caused by a lack of proper filtering and escaping of user input.

Detected in:

Taskbuilder – Project & Task Management with Kanban fixed vulnerable versions:
Taskbuilder – Project Management & Task Management Tool With Kanban Board fixed vulnerable versions:
Taskbuilder – Project Management, Task Management, Kanban Board, Goal Tracking,Team Collaboration fixed vulnerable versions:
Taskbuilder – WordPress Project & Task Management plugin fixed vulnerable versions: >= * <= 3.0.6
Taskbuilder – WordPress Project Management & Task Management fixed vulnerable versions:
Taskbuilder – WordPress Project Management & Task Management,kanban view fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.