Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/02/20 7:21 a.m.4 views

CVE-2025-13563

The Lizza LMS Pro plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.3. This is due to the 'lizzalmsproregisteruserfrontend' function not restricting what user roles a user can register with. This makes it possible for unauthenticated attackers to...

9.8CVSS5.5AI score0.00368EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/02/19 7:39 a.m.8 views

WordPress Lizza LMS Pro plugin <= 1.0.3 - Unauthenticated Privilege Escalation vulnerability

Unauthenticated Privilege Escalation vulnerability discovered by Alyudin Nafiie in WordPress Plugin Lizza LMS Pro versions = 1.0.3...

9.8CVSS5.5AI score0.00368EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/02/19 7:17 a.m.6 views

CVE-2025-13563

The Lizza LMS Pro plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.3. This is due to the 'lizzalmsproregisteruserfrontend' function not restricting what user roles a user can register with. This makes it possible for unauthenticated attackers to...

9.8CVSS0.00368EPSS
Exploits0References2
CVE
CVE
added 2026/02/19 4:36 a.m.18 views

CVE-2025-13563

CVE-2025-13563 affects the Lizza LMS Pro plugin for WordPress, vulnerable in all versions up to 1.0.3 due to improper restriction in lizza_lms_pro_register_user_front_end, allowing unauthenticated attackers to supply the administrator role during registration and gain admin access. No remediation...

9.8CVSS5.5AI score0.00368EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/19 4:36 a.m.4 views

CVE-2025-13563 Lizza LMS Pro <= 1.0.3 - Unauthenticated Privilege Escalation

The Lizza LMS Pro plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.3. This is due to the 'lizzalmsproregisteruserfrontend' function not restricting what user roles a user can register with. This makes it possible for unauthenticated attackers to...

9.8CVSS5.3AI score0.00368EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/19 4:36 a.m.30 views

CVE-2025-13563 Lizza LMS Pro <= 1.0.3 - Unauthenticated Privilege Escalation

The Lizza LMS Pro plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.3. This is due to the 'lizzalmsproregisteruserfrontend' function not restricting what user roles a user can register with. This makes it possible for unauthenticated attackers to...

9.8CVSS0.00368EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.8 views

WordPress plugin Lizza LMS Pro 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

9.8CVSS5.7AI score0.00368EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.6 views

PT-2026-20600

The Lizza LMS Pro plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.3. This is due to the 'lizza lms pro register user front end' function not restricting what user roles a user can register with. This makes it possible for unauthenticated...

9.8CVSS5.5AI score0.00368EPSS
Exploits0References2
Rows per page
Query Builder