3977 matches found
PT-2025-43711
Name of the Vulnerable Software and Affected Versions Tutor LMS Pro versions prior to 3.8.4 Description The Tutor LMS Pro plugin for WordPress is susceptible to an Insecure Direct Object Reference issue. This is due to a lack of proper validation on a user-controlled key when handling assignment...
CVE-2025-60220
Incorrect Privilege Assignment vulnerability in pebas CouponXxL couponxxl allows Privilege Escalation.This issue affects CouponXxL: from n/a through = 3.0.0...
CVE-2025-62617
Admidio is an open-source user management solution. Prior to version 4.3.17, an authenticated SQL injection vulnerability exists in the member assignment data retrieval functionality of Admidio. Any authenticated user with permissions to assign members to a role such as an administrator can explo...
CVE-2025-62688
CVE-2025-62688 concerns Productivity Suite software v4.4.1.19, where an incorrect permission assignment for a critical resource enables a user with low-privileged credentials to change their role and gain full control access to the project. The Red Hat, NVD, and other feeds corroborate the same d...
CVE-2025-49924
Incorrect Privilege Assignment vulnerability in Josh Kohlbach Wholesale Suite woocommerce-wholesale-prices allows Privilege Escalation.This issue affects Wholesale Suite: from n/a through = 2.2.4.2...
CVE-2025-48082
Incorrect Privilege Assignment vulnerability in Progress Planner Progress Planner progress-planner allows Privilege Escalation.This issue affects Progress Planner: from n/a through = 1.8.0...
CVE-2025-62007
Incorrect Privilege Assignment vulnerability in bPlugins Voice Feedback voice-feedback allows Privilege Escalation.This issue affects Voice Feedback: from n/a through = 1.0.3...
CVE-2025-53428
Incorrect Privilege Assignment vulnerability in N-Media Simple User Registration wp-registration allows Privilege Escalation.This issue affects Simple User Registration: from n/a through = 6.8...
CVE-2025-53425
Incorrect Privilege Assignment vulnerability in Dokan, Inc. Dokan dokan-lite allows Privilege Escalation.This issue affects Dokan: from n/a through = 4.1.3...
GHSA-W29J-8PHW-FFJF Moodle has a time restriction bypass
An issue in Moodle's timed assignment feature allowed students to bypass the time restriction, potentially giving them more time than allowed to complete an assessment...
CVE-2025-62401
An issue in Moodle’s timed assignment feature allowed students to bypass the time restriction, potentially giving them more time than allowed to complete an assessment...
CVE-2025-62401
An issue in Moodle’s timed assignment feature allowed students to bypass the time restriction, potentially giving them more time than allowed to complete an assessment...
Improper Authorization
Overview moodle/moodle is a learning platform. Affected versions of this package are vulnerable to Improper Authorization via the timed assignment feature. An attacker can gain unauthorized access to additional time for completing assessments by bypassing the intended time restriction. Remediatio...
EUVD-2025-35665
An issue in Moodle’s timed assignment feature allowed students to bypass the time restriction, potentially giving them more time than allowed to complete an assessment...
CVE-2025-41109
Ghost Robotics Vision 60 v0.27.2 includes, among its physical interfaces, three RJ45 connectors and a USB Type-C port. The vulnerability is due to the lack of authentication mechanisms when establishing connections through these ports. Specifically, with regard to network connectivity, the robot'...
PT-2025-43449
Name of the Vulnerable Software and Affected Versions Moodle affected versions not specified Description An issue in Moodle’s timed assignment feature allowed students to bypass the time restriction, potentially giving them more time than allowed to complete an assessment. Recommendations At the...
AutomationDirect Productivity Suite 安全漏洞
AutomationDirect Productivity Suite is a programmable logic controller programming software from AutomationDirect, Inc. A security vulnerability exists in AutomationDirect Productivity Suite version 4.4.1.19, which stems from an improper assignment of critical resource permissions and could allow...
Moodle 安全漏洞
Moodle is a free e-learning software platform open-sourced by Moodle, also known as a course management system, learning management system, or virtual learning environment. A security vulnerability exists in Moodle that stems from a bypass issue with the timed assignment feature that could result...
CVE-2025-62617
Admidio is an open-source user management solution. Prior to version 4.3.17, an authenticated SQL injection vulnerability exists in the member assignment data retrieval functionality of Admidio. Any authenticated user with permissions to assign members to a role such as an administrator can explo...
CVE-2025-62617
CVE-2025-62617 affects Admidio, an open-source user management solution. Prior to version 4.3.17, an authenticated SQL injection exists in the member assignment data retrieval feature. The vulnerability arises from directly concatenating the GET parameter (notably filter_rol_uuid ) into a SQL con...