VYPR

Wp Human Resource Management

by Asaquzzaman

CVEs (2)

  • CVE-2025-5953Jul 4, 2025
    risk 0.00cvss epss 0.00

    The WP Human Resource Management plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization in the ajax_insert_employee() and update_empoyee() functions in versions 2.0.0 through 2.2.17. The AJAX handler reads the client-supplied $_POST['role'] and,…

  • CVE-2025-5956Jul 4, 2025
    risk 0.00cvss epss 0.00

    The WP Human Resource Management plugin for WordPress is vulnerable to Arbitrary User Deletion due to a missing authorization within the ajax_delete_employee() function in versions 2.0.0 through 2.2.17. The plugin’s deletion handler reads the client-supplied $_POST['delete']…