Medium 6.4
2025-07-22< 2.8.0
CRM and Lead Management by vcita <= 2.7.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via type Parameter
CRM and Lead Management by vcita
Vulnerabilities 5Slug crm-customer-relationship-management-by-vcitaLatest version 2.8.1WordPress.org →
Minimum safe version
2.8.0
Update to 2.8.0 or later to address 5 fixable vulnerabilities
Latest available2.8.1 ✓
Medium 6.4
2025-03-26< 2.7.5
CVE-2024-13702
Medium 4.3
2025-03-13< 2.8.0
CVE-2024-13703
Medium 5.4
2023-06-05< 2.7.0
WordPress CRM and Lead Management by vcita Plugin <= 2.6.2 is vulnerable to Cross Site Scripting (XSS)
Medium 6.5
2023-06-05< 2.7.1
WordPress CRM and Lead Management by vcita Plugin <= 2.6.2 is vulnerable to Cross Site Scripting (XSS)