Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

taskbuilder — Vulnerabilities & Security Advisories 8

Browse all 8 CVE security advisories affecting taskbuilder. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Taskbuilder is a workflow automation tool designed for building and managing complex business processes. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, accounting for its eight recorded CVEs. The platform's security posture has been compromised through insufficient input validation and improper access controls, allowing attackers to execute arbitrary commands or escalate privileges. While no major public incidents have been widely documented, the consistent pattern of vulnerabilities suggests potential risks for organizations relying on Taskbuilder for critical operations, particularly when deployed without proper hardening or regular security updates.

Top products by taskbuilder: Taskbuilder Taskbuilder – Project Management & Task Management Tool With Kanban Board
CVE IDTitleCVSSSeverityPublished
CVE-2026-2289 Taskbuilder <= 5.0.3 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Block Emails' Field — Taskbuilder – Project Management & Task Management Tool With Kanban BoardCWE-79 4.4 Medium2026-03-04
CVE-2026-1640 Taskbuilder <= 5.0.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Project/Task Comment Creation — Taskbuilder – Project Management & Task Management Tool With Kanban BoardCWE-862 4.3 Medium2026-02-18
CVE-2026-1639 Taskbuilder <= 5.0.2 - Authenticated (Subscriber+) SQL Injection via 'order' and 'sort_by' Parameters — Taskbuilder – Project Management & Task Management Tool With Kanban BoardCWE-89 6.5 Medium2026-02-18
CVE-2025-67933 WordPress Taskbuilder plugin <= 4.0.9 - Cross Site Scripting (XSS) vulnerability — TaskbuilderCWE-79 7.1 High2026-01-08
CVE-2025-30945 WordPress Taskbuilder plugin <= 4.0.7 - Broken Access Control Vulnerability — TaskbuilderCWE-862 5.3 Medium2025-06-06
CVE-2025-39569 WordPress Taskbuilder plugin <= 4.0.1 - SQL Injection Vulnerability — TaskbuilderCWE-89 8.5 High2025-04-17
CVE-2025-22716 WordPress Taskbuilder Plugin <= 3.0.6 - SQL Injection vulnerability — TaskbuilderCWE-89 8.5 High2025-01-21
CVE-2024-11930 Taskbuilder – WordPress Project & Task Management plugin <= 3.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via wppm_tasks Shortcode — Taskbuilder – Project Management & Task Management Tool With Kanban BoardCWE-79 6.4 Medium2025-01-04

This page lists every published CVE security advisory associated with taskbuilder. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.