Devs Crm – Manage Tasks, Attendance And Teams All Together
Approved changes feed: RSS · Atom
cpe:2.3:a:ajitdas:devs_crm_–_manage_tasks,_attendance_and_teams_all_together:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Ajitdas (2b39704c-8812-58b2-8909-308355da690d) |
|---|---|
| Product | Devs Crm – Manage Tasks, Attendance And Teams All Together (da2b56a8-a03a-5966-9d75-b0c4f9a51e94) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-13093 |
vulnerable | 2026-06-08 07:04:31.561092 |
Devs CRM – Manage tasks, attendance and teams all together <= 1.1.8 - Missing Authorization to Unauthenticated Lead Tag Update
MEDIUM (5.3)
The Devs CRM – Manage tasks, attendance and teams all together plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the '/wp-json/devs-crm/v1/bulk-update' REST-API endpoint in all versions up to, and including, 1.1.8. This makes it possible for unauthenticated attackers to update leads tags.
Published: 2025-12-13T04:31:27.311Z
Updated: 2026-04-08T17:01:54.080Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-13092 |
vulnerable | 2026-06-08 07:04:31.560523 |
Devs CRM – Manage tasks, attendance and teams all together <= 1.1.8 - Unauthenticated Information Expsoure
MEDIUM (5.3)
The Devs CRM – Manage tasks, attendance and teams all together plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the /wp-json/devs-crm/v1/attendances REST API Endpoint in all versions up to, and including, 1.1.8. This makes it possible for unauthenticated attackers to retrieve private user data, including password hashes.
Published: 2025-12-13T04:31:32.532Z
Updated: 2026-04-08T17:21:11.739Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.