Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Taskbuilder – WordPress Project & Task Management plugin 1.0.7

  • Severity: medium-risk
  • Status: Fixed
  • Publication: September 15, 2022

The Taskbuilder plugin for WordPress is not secure in versions up to and including 1.0.7. This means that someone with certain permissions can upload a malicious file (called an SVG file) that can run code. This code can then be used to get access to parts of the website that the attacker should not have access to.

Detected in:

Taskbuilder – Project & Task Management with Kanban fixed vulnerable versions:
Taskbuilder – Project Management & Task Management Tool With Kanban Board fixed vulnerable versions:
Taskbuilder – Project Management, Task Management, Kanban Board, Goal Tracking,Team Collaboration fixed vulnerable versions:
Taskbuilder – WordPress Project & Task Management plugin fixed vulnerable versions: >= * <= 1.0.7
Taskbuilder – WordPress Project Management & Task Management fixed vulnerable versions:
Taskbuilder – WordPress Project Management & Task Management,kanban view fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.