Upgrade the plugin.
Catsecurity discovered and reported this SQL Injection vulnerability in WordPress SP Project & Document Manager Plugin. This could allow a malicious actor to directly interact with your database, including but not limited to stealing information and creating new administrator accounts. This vulnerability has been fixed in version 2.5.4.
Reflected CrossSite Scripting (XSS) vulnerability
10.08.2022
Sensitive File Disclosure vulnerability
29.06.2022
Attributebased Reflected CrossSite Scripting (XSS) vulnerability
16.08.2021
Authenticated Shell Upload vulnerability
25.05.2021
Multiple Vulnerabilities
07.03.2016