2 matches found
CVE-2024-4444 LearnPress – WordPress LMS Plugin <= 4.2.6.5 - Unauthenticated Bypass to User Registration
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to bypass to user registration in versions up to, and including, 4.2.6.5. This is due to missing checks in the 'createaccount' function in the checkout. This makes it possible for unauthenticated attackers to register as the...
PT-2024-21669 · Apache · Apache Archiva
Name of the Vulnerable Software and Affected Versions: Apache Archiva affected versions not specified Description: The issue is related to an Incorrect Authorization vulnerability in Apache Archiva, where a setting to disable user registration can be bypassed. Since Apache Archiva has been retire...