VulnTitan VulnTitan Security command center
Plugin Vulnerability Hub
Plugin 6 known issues Latest disclosed Jan 03, 2025

Dynamics 365 Integration Vulnerabilities

Review known vulnerability records for the WordPress plugin Dynamics 365 Integration (`integration-dynamics`), including severity, CVE references, affected versions, and patch status.

Recent tracked CVEs on this page include CVE-2024-12583, CVE-2024-34550 and CVE-2023-29422, so operators can jump from disclosure to patch validation without scanning the full feed first.

View on WordPress.org Back to Feed
Known Records
6
High or Critical
1
Patch Coverage
100%
Last Updated
Jan 04, 2025
Priority CVE Quick Links

Fast paths into Dynamics 365 Integration CVE reports

Start with the highest-signal CVE records for this WordPress plugin before scanning the full vulnerability feed.

Indexed CVEs
4
CVE-2024-12583 Critical 1.3.24
CVE-2024-12583 Dynamics 365 Integration Remote Code Execution

Dynamics 365 Integration <= 1.3.23 - Authenticated (Contributor+) Remote Code Execution and Arbitrary File Read via Twig Server-Side Template Injection

CVE-2023-28417 Medium 1.3.13
CVE-2023-28417 Dynamics 365 Integration Vulnerability

Dynamics 365 Integration <= 1.3.12 - Missing Authorization via wp_ajax_wpcrm_log & wp_ajax_wpcrm_log_verbosity

CVE-2024-34550 Medium 1.3.18
CVE-2024-34550 Dynamics 365 Integration Sensitive Information Exposure

Dynamics 365 Integration <= 1.3.17 - Unauthenticated Sensitive Information Exposure

CVE-2023-29422 Medium 1.3.14
CVE-2023-29422 Dynamics 365 Integration Vulnerability

Dynamics 365 Integration <= 1.3.13 - Missing Authorization via init

Coverage Snapshot

What this page helps you verify fast

This hub clusters every indexed record for Dynamics 365 Integration so operators can confirm whether a disclosed issue maps to the installed slug, version range, and patch path.

Patch Visibility
6 records include a published patch path, leaving 0 with no listed safe release yet.
Severity Mix
1 critical and 0 high severity findings.
Recent CVEs
CVE-2024-12583, CVE-2024-34550 and CVE-2023-29422
Reference Workflow
Jump from the hub into the full report when you need remediation notes, exploit context, CVSS vectors, or source references.
Triage First

Open the records most likely to drive action

These recent records surface the CVE strings, patch cues, and direct report links most operators need first.

Known Vulnerabilities

Reports for Dynamics 365 Integration

Sorted by latest disclosure date so newly published issues surface first.

Plugin Critical Patched: Yes CVE-2024-12583
CVE-2024-12583: Dynamics 365 Integration <= 1.3.23 - Authenticated (Contributor+) Remote Code Execution and Arbitrary File Read via Twig Server-Side Template Injection

The Dynamics 365 Integration plugin for WordPress is vulnerable to Remote Code Execution and Arbitrary File Read in all versions up to, and including, 1.3.23 via Twig Server-Side Template Injection. This is due to missing input validation and sanitization on the render function....

Published
Jan 03, 2025
Patched Release
1.3.24
Affected Versions
Versions up to 1.3.23
Next Step
Update to 1.3.24 or newer if supported.
Open CVE-2024-12583 Report Open CVE Reference
Plugin Medium Patched: Yes CVE-2024-34550
CVE-2024-34550: Dynamics 365 Integration <= 1.3.17 - Unauthenticated Sensitive Information Exposure

The Dynamics 365 Integration plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.17 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contai...

Published
May 07, 2024
Patched Release
1.3.18
Affected Versions
Versions up to 1.3.17
Next Step
Update to 1.3.18 or newer if supported.
Open CVE-2024-34550 Report Open CVE Reference
Plugin Medium Patched: Yes CVE-2023-29422
CVE-2023-29422: Dynamics 365 Integration <= 1.3.13 - Missing Authorization via init

The Dynamics 365 Integration plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the init function in versions up to, and including, 1.3.13. This makes it possible for authenticated attackers , with subscriber-level access...

Published
Apr 06, 2023
Patched Release
1.3.14
Affected Versions
Versions up to 1.3.13
Next Step
Update to 1.3.14 or newer if supported.
Open CVE-2023-29422 Report Open CVE Reference
Plugin Medium Patched: Yes CVE-2023-28417
CVE-2023-28417: Dynamics 365 Integration <= 1.3.12 - Missing Authorization via wp_ajax_wpcrm_log & wp_ajax_wpcrm_log_verbosity

The Dynamics 365 Integration plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wp_ajax_wpcrm_log & wp_ajax_wpcrm_log_verbosity functions in versions up to, and including, 1.3.12. This makes it possible for authenticat...

Published
Mar 15, 2023
Patched Release
1.3.13
Affected Versions
Versions up to 1.3.12
Next Step
Update to 1.3.13 or newer if supported.
Open CVE-2023-28417 Report Open CVE Reference
Plugin Medium Patched: Yes
Dynamics 365 Integration <= 1.3.12 - Cross-Site Request Forgery via wp_ajax_wpcrm_log_verbosity

The Dynamics 365 Integration plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.12. This is due to missing or incorrect nonce validation on 'wp_ajax_wpcrm_log_verbosity' AJAX action. This makes it possible for unauthenticated at...

Published
Mar 14, 2023
Patched Release
1.3.13
Affected Versions
Versions up to 1.3.12
Next Step
Update to 1.3.13 or newer if supported.
Open Full Report
Plugin Medium Patched: Yes
Dynamics 365 Integration <= 1.3.12 - Cross-Site Request Forgery via wp_ajax_wpcrm_log

The Dynamics 365 Integration plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.12. This is due to missing or incorrect nonce validation on 'wp_ajax_wpcrm_log' AJAX action. This makes it possible for unauthenticated attackers to...

Published
Mar 13, 2023
Patched Release
1.3.13
Affected Versions
Versions up to 1.3.12
Next Step
Update to 1.3.13 or newer if supported.
Open Full Report