CVE-2025-49925

CVE-2025-49925 corresponds to a Missing Authorization (Broken Access Control) vulnerability in the WordPress WPLMS plugin up to version 1.9.9.7. Affected component is the WPLMS plugin of VibeThemes; root cause is functionality exposure not properly constrained by ACLs, allowing access to restrict...

PT-2025-43189

Name of the Vulnerable Software and Affected Versions VibeThemes WPLMS versions through 1.9.9.7 Description A missing authorization flaw exists in the WPLMS plugin. This issue allows access to functionality that is not properly restricted by Access Control Lists ACLs. Recommendations Update WPLMS...

WordPress plugin WPLMS 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

WordPress WPLMS plugin <= 1.9.9.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin WPLMS versions = 1.9.9.7...