Which Kanban Boards for WordPress CVEs are tracked?

Kanban Boards for WordPress tracked CVEs include CVE-2023-40606, CVE-2024-31103, CVE-2023-0873, CVE-2023-34368, and CVE-2023-23884.

How many Kanban Boards for WordPress vulnerabilities have patch guidance?

6 of 6 tracked Kanban Boards for WordPress records include a published patch path.

Where should operators start on this Plugin hub?

Start with the priority CVE quick links, then open the full report for affected versions, remediation notes, CVSS vectors, and source references.

Plugin Vulnerability Hub

Plugin 6 known issues Latest disclosed Jun 21, 2024

Kanban Boards for WordPress Vulnerabilities

Review known vulnerability records for the WordPress plugin Kanban Boards for WordPress (`kanban`), including severity, CVE references, affected versions, and patch status.

Recent tracked CVEs on this page include CVE-2024-37226, CVE-2024-31103 and CVE-2023-40606, so operators can jump from disclosure to patch validation without scanning the full feed first.

View on WordPress.org Back to Feed

Known Records

High or Critical

Patch Coverage

100%

Last Updated

Mar 27, 2026

Priority CVE Quick Links

Fast paths into Kanban Boards for WordPress CVE reports

Start with the highest-signal CVE records for this WordPress plugin before scanning the full vulnerability feed.

Indexed CVEs

CVE-2023-40606 High No patch listed

CVE-2023-40606 Kanban Boards for WordPress Remote Code Execution

Kanban Boards <= 2.5.21 - Authenticated (Administrator+) Remote Code Execution

CVE-2024-31103 Medium No patch listed

CVE-2024-31103 Kanban Boards for WordPress Cross-Site Scripting

Kanban Boards for WordPress <= 2.5.21 - Reflected Cross-Site Scripting

CVE-2023-0873 Medium 2.5.21

CVE-2023-0873 Kanban Boards for WordPress Stored Cross-Site Scripting

Kanban Boards for WordPress <= 2.5.20 - Authenticated (Administrator+) Stored Cross-Site Scripting

CVE-2023-34368 Medium 2.5.21

CVE-2023-34368 Kanban Boards for WordPress Stored Cross-Site Scripting

Kanban Boards for WordPress <= 2.5.20 - Authenticated (Administrator+) Stored Cross-Site Scripting

CVE-2023-23884 Medium No patch listed

CVE-2023-23884 Kanban Boards for WordPress Stored Cross-Site Scripting

Kanban Boards for WordPress <= 2.5.21 - Authenticated (Administrator+) Stored Cross-Site Scripting

CVE-2024-37226 Medium No patch listed

CVE-2024-37226 Kanban Boards for WordPress Vulnerability

Kanban Boards for WordPress <= 2.5.21 - Missing Authorization

Coverage Snapshot

What this page helps you verify fast

This hub clusters every indexed record for Kanban Boards for WordPress so operators can confirm whether a disclosed issue maps to the installed slug, version range, and patch path.

Patch Visibility

6 records include a published patch path, leaving 0 with no listed safe release yet.

Severity Mix

0 critical and 1 high severity finding.

Recent CVEs

CVE-2024-37226, CVE-2024-31103 and CVE-2023-40606

Reference Workflow

Jump from the hub into the full report when you need remediation notes, exploit context, CVSS vectors, or source references.

Triage First

Open the records most likely to drive action

These recent records surface the CVE strings, patch cues, and direct report links most operators need first.

CVE-2024-37226 Medium No patch listed

CVE-2024-37226: Kanban Boards for WordPress <= 2.5.21 - Missing Authorization

The Kanban Boards for WordPress plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 2.5.21. This m...

Published

Jun 21, 2024

Patch Status

Not published

Open CVE-2024-37226 Report

CVE-2024-31103 Medium No patch listed

CVE-2024-31103: Kanban Boards for WordPress <= 2.5.21 - Reflected Cross-Site Scripting

The Kanban Boards for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 2.5.21 due to insufficient input sanitization and outpu...

Published

Mar 29, 2024

Patch Status

Not published

Open CVE-2024-31103 Report

CVE-2023-40606 High No patch listed

CVE-2023-40606: Kanban Boards <= 2.5.21 - Authenticated (Administrator+) Remote Code Execution

The Kanban Boards plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 2.5.21. This allows authenticated attackers with administrator access to execu...

Published

Aug 17, 2023

Patch Status

Not published

Open CVE-2023-40606 Report

Known Vulnerabilities

Reports for Kanban Boards for WordPress

Sorted by latest disclosure date so newly published issues surface first.

Plugin Medium Patched: No CVE-2024-37226

CVE-2024-37226: Kanban Boards for WordPress <= 2.5.21 - Missing Authorization

The Kanban Boards for WordPress plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 2.5.21. This makes it possible for authenticated attackers, with subscriber-level access and above, to p...

Published

Jun 21, 2024

Patched Release

Not published

Affected Versions

Versions up to 2.5.21

Next Step

Open the full report for remediation notes and references.

Open CVE-2024-37226 Report Open CVE Reference

Plugin Medium Patched: No CVE-2024-31103

CVE-2024-31103: Kanban Boards for WordPress <= 2.5.21 - Reflected Cross-Site Scripting

The Kanban Boards for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 2.5.21 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web s...

Published

Mar 29, 2024

Patched Release

Not published

Affected Versions

Versions up to 2.5.21

Next Step

Open the full report for remediation notes and references.

Open CVE-2024-31103 Report Open CVE Reference

Plugin High Patched: No CVE-2023-40606

CVE-2023-40606: Kanban Boards <= 2.5.21 - Authenticated (Administrator+) Remote Code Execution

The Kanban Boards plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 2.5.21. This allows authenticated attackers with administrator access to execute code on the server.

Published

Aug 17, 2023

Patched Release

Not published

Affected Versions

Versions up to 2.5.21

Next Step

Open the full report for remediation notes and references.

Open CVE-2023-40606 Report Open CVE Reference

Plugin Medium Patched: Yes CVE-2023-0873

CVE-2023-0873: Kanban Boards for WordPress <= 2.5.20 - Authenticated (Administrator+) Stored Cross-Site Scripting

The Kanban Boards for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 2.5.20 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with admin...

Published

Jun 02, 2023

Patched Release

2.5.21

Affected Versions

Versions up to 2.5.20

Next Step

Update to 2.5.21 or newer if supported.

Open CVE-2023-0873 Report Open CVE Reference

Plugin Medium Patched: Yes CVE-2023-34368

CVE-2023-34368: Kanban Boards for WordPress <= 2.5.20 - Authenticated (Administrator+) Stored Cross-Site Scripting

Published

Jun 02, 2023

Patched Release

2.5.21

Affected Versions

Versions up to 2.5.20

Next Step

Update to 2.5.21 or newer if supported.

Open CVE-2023-34368 Report Open CVE Reference

Plugin Medium Patched: No CVE-2023-23884

CVE-2023-23884: Kanban Boards for WordPress <= 2.5.21 - Authenticated (Administrator+) Stored Cross-Site Scripting

The Kanban Boards for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 2.5.21 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with admin...

Published

Mar 20, 2023

Patched Release

Not published

Affected Versions

Versions up to 2.5.21

Next Step

Open the full report for remediation notes and references.

Open CVE-2023-23884 Report Open CVE Reference