294 matches found
CVE-2024-56940
An issue in the profile image upload function of LearnDash v6.7.1 allows attackers to cause a Denial of Service DoS via excessive file uploads...
CVE-2024-56940
An issue in the profile image upload function of LearnDash v6.7.1 allows attackers to cause a Denial of Service DoS via excessive file uploads...
PT-2025-6732 · Learndash · Learndash
Name of the Vulnerable Software and Affected Versions: LearnDash version 6.7.1 Description: An issue in the profile image upload function of LearnDash allows attackers to cause a Denial of Service DoS via excessive file uploads. Recommendations: For LearnDash version 6.7.1, consider restricting...
CVE-2024-56938
LearnDash v6.7.1 was discovered to contain a stored cross-site scripting XSS vulnerability in the materials-content class...
LearnDash 安全漏洞
LearnDash is a learning management system from LearnDash, Inc. A security vulnerability exists in LearnDash version v6.7.1, which stems from the materials-content class containing a stored cross-site scripting vulnerability...
CVE-2024-56938
LearnDash v6.7.1 was discovered to contain a stored cross-site scripting XSS vulnerability in the materials-content class...
LearnDash 安全漏洞
LearnDash is a learning management system from LearnDash, Inc. A security vulnerability exists in LearnDash version v6.7.1, which stems from a problem with the profile image upload feature that can cause a denial of service by uploading too many files...
CVE-2024-56938
LearnDash v6.7.1 is affected by a stored cross-site scripting (XSS) vulnerability in the materials-content class. The issue is documented across multiple sources as a stored XSS vector that can impact user sessions via content stored in the materials-content component. The available reports consi...
CVE-2024-56939
LearnDash v6.7.1 was discovered to contain a stored cross-site scripting XSS vulnerability in the ld-comment-body class...
PT-2025-6731 · Learndash · Learndash
Name of the Vulnerable Software and Affected Versions: LearnDash version 6.7.1 Description: A stored Cross-Site Scripting XSS issue was found in the ld-comment-body class. This allows for malicious scripts to be stored and executed on the site, potentially affecting user sessions. Recommendations...
CVE-2024-56939
LearnDash v6.7.1 was discovered to contain a stored cross-site scripting XSS vulnerability in the ld-comment-body class...
CVE-2024-56940
The CVE-2024-56940 entry concerns LearnDash (LearnDash v6.7.1) with the issue located in the profile image upload function. The vulnerability enables a Denial of Service (DoS) via excessive file uploads, as described in multiple connected sources. The affected component is the profile image uploa...
CVE-2024-37436
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Uncanny Owl Uncanny Toolkit Pro for LearnDash allows Reflected XSS.This issue affects Uncanny Toolkit Pro for LearnDash: from n/a before 4.1.4.1...
CVE-2024-8349
The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 6.1.0.1. This is due to the plugin not properly restricting what users a group leader can edit. This makes it possible for authenticated attackers, with group...
CVE-2025-24662
Missing Authorization vulnerability in LearnDash LearnDash LMS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LearnDash LMS: from n/a through 4.20.0.1...
CVE-2025-24662 WordPress LearnDash LMS Plugin <= 4.20.0.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in LearnDash LearnDash LMS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LearnDash LMS: from n/a through 4.20.0.1...
CVE-2025-24662
CVE-2025-24662 is a Missing Authorization (Broken Access Control) vulnerability in LearnDash LMS. Public sources describe that the issue allows exploitation of incorrectly configured access control security levels and affects LearnDash LMS versions up to 4.20.0.1. Reports from NVD/Red Hat identif...
CVE-2025-24662 WordPress LearnDash LMS Plugin <= 4.20.0.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in LearnDash LearnDash LMS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LearnDash LMS: from n/a through 4.20.0.1...
WordPress plugin LearnDash LMS 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...
WordPress LearnDash LMS Plugin <= 4.20.0.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by David Ojeda Guijarro in WordPress Plugin LearnDash LMS versions = 4.20.0.1...