CVE-2021-36826

Name of the Vulnerable Software and Affected Versions weDevs WP Project Manager plugin versions <= 2.4.13

Description The issue is related to an Authenticated Stored Cross-Site Scripting (XSS) vulnerability. This means that an attacker with certain privileges, such as a subscriber or higher user role, can inject malicious scripts into the application, which are then stored and executed by the application, potentially affecting other users.

Recommendations For weDevs WP Project Manager plugin versions <= 2.4.13, update to a version higher than 2.4.13 to resolve the issue.