204 matches found
VulnCheck KEV: CVE-2020-27481
An unauthenticated SQL Injection vulnerability in Good Layers LMS Plugin = 2.1.4 exists due to the usage of "wpajaxnopriv" call in WordPress, which allows any unauthenticated user to get access to the function "gdlrlmscancelbooking" where POST Parameter "id" was sent straight into SQL query...
WordPress Tutor LMS Plugin Cross Site Request Forgery (CVE-2020-8615)
A cross site request forgery vulnerability exists in WordPress Tutor LMS Plugin. Successful exploitation of this vulnerability can result in the execution of arbitrary code in the effected system...
CVE-2020-8615
CVE-2020-8615 is a CSRF vulnerability in the WordPress Tutor LMS plugin up to version 1.5.3 (fixed in 1.5.3). The issue allows an attacker to approve themselves as an instructor and perform other actions (e.g., blocking legitimate instructors). The root cause is CSRF in Tutor LMS’s instructor-man...
WordPress Learning Management System Plugin - course_id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Good LMS - Learning Management System WP Plugin SQL Injection Exploit Author Web Site: http://esecurity.ir Special Thanks : Meisam Monsef email protected - Telegram ID : @meisamrce Vendor Homepage: https://goodlayers.com/ Versio...