Lucene search
K

12 matches found

Positive Technologies
Positive Technologies
added 2026/03/23 12:0 a.m.7 views

PT-2026-27250

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized deletion of quiz question answers due to a missing capability check in the delete question answer function of the EditQuestionAjax class in all versions up to, and including, 4.3.2.8. The AbstractAjax::catch ...

4.3CVSS5.8AI score0.00262EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-2209

Malicious code in bioql PyPI...

6CVSS6.3AI score0.01717EPSS
Exploits0References16
RedhatCVE
RedhatCVE
added 2025/05/23 9:41 a.m.8 views

CVE-2024-1208

The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.2 via API. This makes it possible for unauthenticated attackers to obtain access to quiz questions...

5.3CVSS6.7AI score0.05285EPSS
Exploits2References1
OSV
OSV
added 2024/02/05 10:16 p.m.5 views

CVE-2024-1208

The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.2 via API. This makes it possible for unauthenticated attackers to obtain access to quiz questions...

5.3CVSS5.8AI score0.05285EPSS
Exploits3References3
NVD
NVD
added 2024/02/05 10:16 p.m.20 views

CVE-2024-1208

The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.2 via API. This makes it possible for unauthenticated attackers to obtain access to quiz questions...

5.3CVSS5.1AI score0.05285EPSS
Exploits2References3
Prion
Prion
added 2024/02/05 10:16 p.m.21 views

Design/Logic Flaw

The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.2 via API. This makes it possible for unauthenticated attackers to obtain access to quiz questions...

5CVSS7AI score0.05285EPSS
Exploits3References3Affected Software1
Cvelist
Cvelist
added 2024/02/05 9:21 p.m.43 views

CVE-2024-1208 LearnDash LMS <= 4.10.2 - Sensitive Information Exposure via API

The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.2 via API. This makes it possible for unauthenticated attackers to obtain access to quiz questions...

5.3CVSS5.4AI score0.05285EPSS
Exploits2References3
Vulnrichment
Vulnrichment
added 2024/02/05 9:21 p.m.18 views

CVE-2024-1208 LearnDash LMS <= 4.10.2 - Sensitive Information Exposure via API

The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.2 via API. This makes it possible for unauthenticated attackers to obtain access to quiz questions...

5.3CVSS6.4AI score0.05285EPSS
Exploits2References3
WPVulnDB
WPVulnDB
added 2024/02/02 12:0 a.m.20 views

LearnDash LMS < 4.10.3 - Sensitive Information Exposure via API

Description The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.2 via API. This makes it possible for unauthenticated attackers to obtain access to quiz questions...

5CVSS7AI score0.05285EPSS
Exploits2References1Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/13 1:34 a.m.30 views

Moodle XML import of ddwtos could lead to intentional remote code execution

moodle before versions 3.5.2, 3.4.5, 3.3.8, 3.1.14 is vulnerable to an XML import of ddwtos could lead to intentional remote code execution. When importing legacy 'drag and drop into text' ddwtos type quiz questions, it was possible to inject and execute PHP code from within the imported question...

8.8CVSS8.1AI score0.04425EPSS
Exploits3References13Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/13 1:12 a.m.35 views

Moodle remote code execution via quiz questions

Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote authenticated users to execute arbitrary code via a calculated question in a quiz...

6CVSS7.6AI score0.01717EPSS
Exploits0References15Affected Software1
OSV
OSV
added 2012/07/21 3:38 a.m.4 views

UBUNTU-CVE-2012-2355

Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to bypass question:use capability requirements and add arbitrary questions to a quiz via the questions feature...

4CVSS5.9AI score0.01414EPSS
Exploits0References3
Rows per page
Query Builder