Lucene search
K

294 matches found

Cvelist
Cvelist
added 2025/02/12 12:0 a.m.21 views

CVE-2024-56940

An issue in the profile image upload function of LearnDash v6.7.1 allows attackers to cause a Denial of Service DoS via excessive file uploads...

0.0054EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/12 12:0 a.m.13 views

CVE-2024-56940

An issue in the profile image upload function of LearnDash v6.7.1 allows attackers to cause a Denial of Service DoS via excessive file uploads...

6.8AI score0.0054EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/02/12 12:0 a.m.6 views

PT-2025-6732 · Learndash · Learndash

Name of the Vulnerable Software and Affected Versions: LearnDash version 6.7.1 Description: An issue in the profile image upload function of LearnDash allows attackers to cause a Denial of Service DoS via excessive file uploads. Recommendations: For LearnDash version 6.7.1, consider restricting...

7.5CVSS7.2AI score0.0054EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/02/12 12:0 a.m.8 views

CVE-2024-56938

LearnDash v6.7.1 was discovered to contain a stored cross-site scripting XSS vulnerability in the materials-content class...

5.9AI score0.00308EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/02/12 12:0 a.m.6 views

LearnDash 安全漏洞

LearnDash is a learning management system from LearnDash, Inc. A security vulnerability exists in LearnDash version v6.7.1, which stems from the materials-content class containing a stored cross-site scripting vulnerability...

5.4CVSS6AI score0.00308EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/02/12 12:0 a.m.15 views

CVE-2024-56938

LearnDash v6.7.1 was discovered to contain a stored cross-site scripting XSS vulnerability in the materials-content class...

0.00308EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/02/12 12:0 a.m.2 views

LearnDash 安全漏洞

LearnDash is a learning management system from LearnDash, Inc. A security vulnerability exists in LearnDash version v6.7.1, which stems from a problem with the profile image upload feature that can cause a denial of service by uploading too many files...

7.5CVSS6.7AI score0.0054EPSS
Exploits0References1
CVE
CVE
added 2025/02/12 12:0 a.m.55 views

CVE-2024-56938

LearnDash v6.7.1 is affected by a stored cross-site scripting (XSS) vulnerability in the materials-content class. The issue is documented across multiple sources as a stored XSS vector that can impact user sessions via content stored in the materials-content component. The available reports consi...

5.4CVSS6AI score0.00308EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/12 12:0 a.m.12 views

CVE-2024-56939

LearnDash v6.7.1 was discovered to contain a stored cross-site scripting XSS vulnerability in the ld-comment-body class...

5.3AI score0.00308EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/02/12 12:0 a.m.5 views

PT-2025-6731 · Learndash · Learndash

Name of the Vulnerable Software and Affected Versions: LearnDash version 6.7.1 Description: A stored Cross-Site Scripting XSS issue was found in the ld-comment-body class. This allows for malicious scripts to be stored and executed on the site, potentially affecting user sessions. Recommendations...

5.4CVSS6AI score0.00308EPSS
Exploits1References6
Cvelist
Cvelist
added 2025/02/12 12:0 a.m.15 views

CVE-2024-56939

LearnDash v6.7.1 was discovered to contain a stored cross-site scripting XSS vulnerability in the ld-comment-body class...

0.00308EPSS
Exploits1References1
CVE
CVE
added 2025/02/12 12:0 a.m.81 views

CVE-2024-56940

The CVE-2024-56940 entry concerns LearnDash (LearnDash v6.7.1) with the issue located in the profile image upload function. The vulnerability enables a Denial of Service (DoS) via excessive file uploads, as described in multiple connected sources. The affected component is the profile image uploa...

7.5CVSS6.8AI score0.0054EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/05 12:54 a.m.9 views

CVE-2024-37436

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Uncanny Owl Uncanny Toolkit Pro for LearnDash allows Reflected XSS.This issue affects Uncanny Toolkit Pro for LearnDash: from n/a before 4.1.4.1...

7.1CVSS7AI score0.00271EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 10:26 p.m.8 views

CVE-2024-8349

The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 6.1.0.1. This is due to the plugin not properly restricting what users a group leader can edit. This makes it possible for authenticated attackers, with group...

7.2CVSS3.8AI score0.01164EPSS
Exploits0References1
NVD
NVD
added 2025/01/27 3:15 p.m.8 views

CVE-2025-24662

Missing Authorization vulnerability in LearnDash LearnDash LMS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LearnDash LMS: from n/a through 4.20.0.1...

5.3CVSS0.00303EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/27 2:22 p.m.21 views

CVE-2025-24662 WordPress LearnDash LMS Plugin <= 4.20.0.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in LearnDash LearnDash LMS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LearnDash LMS: from n/a through 4.20.0.1...

5.3CVSS0.00303EPSS
Exploits0References1
CVE
CVE
added 2025/01/27 2:22 p.m.55 views

CVE-2025-24662

CVE-2025-24662 is a Missing Authorization (Broken Access Control) vulnerability in LearnDash LMS. Public sources describe that the issue allows exploitation of incorrectly configured access control security levels and affects LearnDash LMS versions up to 4.20.0.1. Reports from NVD/Red Hat identif...

5.3CVSS8.5AI score0.00303EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/27 2:22 p.m.5 views

CVE-2025-24662 WordPress LearnDash LMS Plugin <= 4.20.0.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in LearnDash LearnDash LMS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LearnDash LMS: from n/a through 4.20.0.1...

5.3CVSS5.4AI score0.00303EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/27 12:0 a.m.5 views

WordPress plugin LearnDash LMS 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

5.3CVSS8.4AI score0.00303EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/01/24 11:47 a.m.5 views

WordPress LearnDash LMS Plugin <= 4.20.0.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by David Ojeda Guijarro in WordPress Plugin LearnDash LMS versions = 4.20.0.1...

5.3CVSS7AI score0.00303EPSS
Exploits0Affected Software1
Rows per page
Query Builder