Projectopia

CVEs (2)

• CVE-2025-59133HigJun 15, 2026
  WordPress

  Projectopia
  risk 0.49cvss 7.5epss —

  Custom role Insecure Direct Object References (IDOR) in Projectopia <= 5.1.25.2 versions.

• CVE-2025-3952May 1, 2025
  Projectopia

  Projectopia
  risk 0.00cvss —epss 0.00

  The Projectopia – WordPress Project Management plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the 'pto_remove_logo' function in all versions up to, and including, 5.1.16. This…