WordPress Namaste! LMS Plugin <= 2.6.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Namaste! LMS versions = 2.6.5...

PT-2025-7766 · Unknown · Namaste! Lms

Name of the Vulnerable Software and Affected Versions: Namaste! LMS versions 2.6.5 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows for Cross Site Request Forgery. Recommendations: For versions 2.6.5 and earlier, update to a version that contains...

Moodle 安全漏洞

Moodle is a free e-learning software platform open-sourced by Moodle, also known as a course management system, learning management system or virtual learning environment. A security vulnerability exists in Moodle that stems from a filter that is not adequately cleaned, resulting in arbitrary fil...

CVE-2025-1590

A vulnerability was found in SourceCodester E-Learning System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/modules/lesson/index.php of the component List of Lessons Page. The manipulation leads to unrestricted upload. It is possible to launch the...

CVE-2025-1590

A vulnerability was found in SourceCodester E-Learning System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/modules/lesson/index.php of the component List of Lessons Page. The manipulation leads to unrestricted upload. It is possible to launch the...

CVE-2025-1590 SourceCodester E-Learning System List of Lessons Page index.php unrestricted upload

A vulnerability was found in SourceCodester E-Learning System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/modules/lesson/index.php of the component List of Lessons Page. The manipulation leads to unrestricted upload. It is possible to launch the...

CVE-2025-1590 SourceCodester E-Learning System List of Lessons Page index.php unrestricted upload

A vulnerability was found in SourceCodester E-Learning System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/modules/lesson/index.php of the component List of Lessons Page. The manipulation leads to unrestricted upload. It is possible to launch the...

CVE-2025-1590

CVE-2025-1590 affects SourceCodester E-Learning System 1.0. The vulnerability is in an unknown function of the file /admin/modules/lesson/index.php within the List of Lessons Page, and the manipulation allows an unrestricted file upload. The issue can be leveraged remotely. Multiple connected sou...

CVE-2025-1589

A vulnerability was found in SourceCodester E-Learning System 1.0 and classified as problematic. This issue affects some unknown processing of the file /register.php of the component User Registration Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely...

CVE-2025-1589

A vulnerability was found in SourceCodester E-Learning System 1.0 and classified as problematic. This issue affects some unknown processing of the file /register.php of the component User Registration Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely...

CVE-2025-1589 SourceCodester E-Learning System User Registration register.php cross site scripting

A vulnerability was found in SourceCodester E-Learning System 1.0 and classified as problematic. This issue affects some unknown processing of the file /register.php of the component User Registration Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely...

CVE-2025-1589 SourceCodester E-Learning System User Registration register.php cross site scripting

A vulnerability was found in SourceCodester E-Learning System 1.0 and classified as problematic. This issue affects some unknown processing of the file /register.php of the component User Registration Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely...

CVE-2025-1589

CVE-2025-1589 affects SourceCodester E-Learning System 1.0, specifically the User Registration Handler’s /register.php. Multiple connected sources describe a cross-site scripting vulnerability that can be triggered remotely through the registration path. The exact affected code path is the handli...

SourceCodester E-Learning System 代码问题漏洞

SourceCodester E-Learning System is a SourceCodester open source e-learning system. A code issue vulnerability exists in SourceCodester E-Learning System version 1.0, which stems from allowing unlimited file uploads...

SourceCodester E-Learning System 代码注入漏洞

SourceCodester E-Learning System is a SourceCodester open source e-learning system. A code injection vulnerability exists in SourceCodester E-Learning System version 1.0. An attacker can exploit this vulnerability to perform cross-site scripting attacks...

PT-2025-7687 · Sourcecodester · Sourcecodester Elearning System

Name of the Vulnerable Software and Affected Versions: SourceCodester E-Learning System version 1.0 Description: A critical issue has been found, affecting an unknown function of the file /admin/modules/lesson/index.php of the component List of Lessons Page. This issue leads to unrestricted uploa...

CVE-2024-13846 Indeed Ultimate Learning Pro <= 3.9 - Authenticated (Administrator+) SQL Injection via post_id Parameter

The Indeed Ultimate Learning Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘postid’ parameter in all versions up to, and including, 3.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes...

CVE-2024-13846 Indeed Ultimate Learning Pro <= 3.9 - Authenticated (Administrator+) SQL Injection via post_id Parameter

The Indeed Ultimate Learning Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘postid’ parameter in all versions up to, and including, 3.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes...

WordPress Indeed Ultimate Learning Pro plugin <= 3.9 - Authenticated (Administrator+) SQL Injection via post_id Parameter vulnerability

Authenticated Administrator+ SQL Injection via postid Parameter vulnerability discovered by Pham Van Tam in WordPress Plugin Indeed Ultimate Learning Pro versions = 3.9...

10 Best LMS SaaS Platforms for Scalable Online Learning

The education sector is changing quickly as it adopts digital tools for better learning experiences. These days, learning…...