Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/03/11 7:8 a.m.5 views

CVE-2026-0953

The Tutor LMS Pro plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 3.9.5 via the Social Login addon. This is due to the plugin failing to verify that the email provided in the authentication request matches the email from the validated OAuth token...

9.8CVSS5.8AI score0.00655EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/10 6:31 p.m.3 views

EUVD-2026-10473

The Tutor LMS Pro plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 3.9.5 via the Social Login addon. This is due to the plugin failing to verify that the email provided in the authentication request matches the email from the validated OAuth token...

9.8CVSS5.8AI score0.00655EPSS
Exploits0References3
CVE
CVE
added 2025/10/22 11:25 a.m.20 views

CVE-2025-11086

Summary of CVE-2025-11086 (Academy LMS Pro for WordPress) : The plugin up to version 3.3.7 is vulnerable to unauthenticated privilege escalation during user registration via the Social Login addon. The root cause is improper validation of the user’s role before registering the new user, allowing ...

8.1CVSS5.9AI score0.00367EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/22 11:25 a.m.5 views

CVE-2025-11086 Academy LMS Pro <= 3.3.7 - Unauthenticated Privilege Escalation via Social Login Addon

The Academy LMS – WordPress LMS Plugin for Complete eLearning Solution plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.3.7. This is due to the plugin not properly validating a user's role prior to registering a user via the Social Login addon. Th...

8.1CVSS5.9AI score0.00367EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/22 11:25 a.m.6 views

CVE-2025-11086 Academy LMS Pro <= 3.3.7 - Unauthenticated Privilege Escalation via Social Login Addon

The Academy LMS – WordPress LMS Plugin for Complete eLearning Solution plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.3.7. This is due to the plugin not properly validating a user's role prior to registering a user via the Social Login addon. Th...

8.1CVSS0.00367EPSS
Exploits0References3
Rows per page
Query Builder