← Back to CVE List
CVE-2024-3749
The SP Project & Document Manager WordPress plugin through 4.71 lacks proper access controllers and allows a logged in user to view and download files belonging to another user
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt