StaffList
ERA404
Developer
3.2.7
Latest version
100
Installations
No date
Last updated
Vulnerability history
2 present
6 fixed
3 Mitigation rules
- Authenticated (Admin+) Stored Cross-Site Scripting vulnerability<= 3.2.6Nov 27, 2025
- Sensitive Data Exposure vulnerability<= 3.2.7Apr 4, 2025
- Broken Access Control vulnerability<= 3.2.7Apr 4, 2025
- Cross-Site Request Forgery to Reflected Cross-Site Scripting vulnerability<= 3.2.3Feb 11, 2025
- Reflected Cross-Site Scripting (XSS) vulnerability<= 3.1.6May 9, 2022
- Arbitrary Staff Deletion via Cross-Site Request Forgery (CSRF) vulnerability<= 3.1.5May 4, 2022
- Authenticated SQL Injection (SQLi) vulnerability<= 3.1.2May 4, 2022
- Reflected Cross-Site Scripting (XSS) vulnerability<= 3.1.5May 4, 2022