CVE-2026-10737 | smartypants SP Project & Document Manager Plugin up to 4.71 on WordPress admin-ajax.php view_file authorization

A vulnerability was found in smartypants SP Project & Document Manager Plugin up to 4.71 on WordPress and classified as problematic. The impacted element is the function view_file of the file admin-ajax.php. The manipulation results in missing authorization.

This vulnerability is reported as CVE-2026-10737. The attack can be launched remotely. No exploit exists.VulDB Recent EntriesRead More