Update the plugin.
An unknown person discovered and reported this Multiple Vulnerabilities vulnerability in WordPress SP Project & Document Manager Plugin. Multiple vulnerabilities were found. Due to the large number of vulnerabilities, this has been grouped in this category. This vulnerability has been fixed in version 188.8.131.52.
Reflected CrossSite Scripting (XSS) vulnerability
Sensitive File Disclosure vulnerability
Attributebased Reflected CrossSite Scripting (XSS) vulnerability
Authenticated Shell Upload vulnerability
Blind SQL Injection