Medium severity6.5NVD Advisory· Published May 15, 2024· Updated Jun 17, 2026
CVE-2024-3749
CVE-2024-3749
Description
The SP Project & Document Manager WordPress plugin through 4.71 lacks proper access controllers and allows a logged in user to view and download files belonging to another user
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- WordPress/SP Project & Document Manager plugindescription
<=4.71+ 1 more
- (no CPE)range: <=4.71
- (no CPE)
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/d14bb16e-ce1d-4c31-8791-bc63174897c0/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.