WP ERP
weDevs
Developer
1.16.6
Latest version
7,000
Installations
Nov 4, 2025
Last updated
Vulnerability history
3 present
13 fixed
8 Mitigation rules
- Custom+ Unauthorized Access to Terminated Employee Information vulnerability< 1.13.4May 19, 2025
- Admin+ Stored XSS vulnerability< 1.13.4May 19, 2025
- Broken Access Control vulnerability<= 1.13.4Mar 27, 2025
- Reflected Cross Site Scripting (XSS) vulnerability<= 1.13.2Oct 21, 2024
- Authenticated (Accounting Manager+) SQL Injection via vendor_id vulnerability<= 1.13.0Jul 11, 2024
- Authenticated (AccountingManager+) SQL Injection vulnerability<= 1.13.1May 3, 2024
- Unauthenticated Stored Cross-Site Scripting vulnerability<= 1.12.9Apr 1, 2024
- Authenticated (Subscriber+) SQL Injection vulnerability<= 1.12.9Mar 29, 2024
- Authenticated (AccountingManager+) SQL Injection vulnerability<= 1.12.9Mar 29, 2024
- Authenticated (Accounting Manager+) SQL Injection via id vulnerability<= 1.12.9Mar 29, 2024
- SQL Injection vulnerability<= 1.12.8Jan 5, 2024
- Broken Access Control vulnerability<= 1.12.6Oct 12, 2023
- Reflected Cross-Site Scripting (XSS) vulnerability< 1.12.4Jun 27, 2023
- Reflected Cross Site Scripting (XSS) vulnerability<= 1.12.3Jun 2, 2023
- Cross-Site Request Forgery (CSRF) vulnerability<= 1.7.4Mar 1, 2021
- Cross-Site Request Forgery (CSRF) vulnerability<= 1.6.3Sep 16, 2020