Browse all 5 CVE security advisories affecting Kanban for WordPress. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Kanban for WordPress enables task management and workflow visualization for teams using WordPress as their base platform. Historically, the plugin has been susceptible to multiple security vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, with five CVEs documented to date. Notable security characteristics include insufficient input validation and inadequate access controls in earlier versions, which allowed authenticated users to perform unauthorized actions. While recent updates have addressed some critical issues, the plugin's history of vulnerabilities highlights the importance of maintaining current versions and implementing proper security hardening measures for WordPress installations using this workflow management tool.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-37226 | WordPress Kanban Boards for WordPress plugin <= 2.5.21 - Broken Access Control vulnerability — Kanban Boards for WordPressCWE-862 | 5.3 | Medium | 2024-11-01 |
| CVE-2024-31103 | WordPress Kanban Boards for WordPress plugin <= 2.5.21 - Reflected Cross Site Scripting (XSS) vulnerability — Kanban Boards for WordPressCWE-79 | 7.1 | High | 2024-03-31 |
| CVE-2023-40606 | WordPress Kanban Boards for WordPress Plugin <= 2.5.21 is vulnerable to Arbitrary Code Execution — Kanban Boards for WordPressCWE-94 | 9.1 | Critical | 2023-12-29 |
| CVE-2023-34368 | WordPress Kanban Boards for WordPress Plugin <= 2.5.20 is vulnerable to Cross Site Scripting (XSS) — Kanban Boards for WordPressCWE-79 | 5.9 | Medium | 2023-06-22 |
| CVE-2023-23884 | WordPress Kanban Boards for WordPress Plugin <= 2.5.20 is vulnerable to Cross Site Scripting (XSS) — Kanban Boards for WordPressCWE-79 | 5.9 | Medium | 2023-05-09 |
This page lists every published CVE security advisory associated with Kanban for WordPress. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.