41 matches found
EUVD-2021-11941
Malware in sbrugna...
EUVD-2024-34118
Malicious code in bioql PyPI...
EUVD-2023-45165
Malicious code in bioql PyPI...
EUVD-2024-34292
Malicious code in bioql PyPI...
CVE-2024-11444
The CLUEVO LMS, E-Learning Platform plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.13.2. This is due to missing or incorrect nonce validation on the cluevorendermoduleui function. This makes it possible for unauthenticated attackers to...
CVE-2024-11328
The CLUEVO LMS, E-Learning Platform plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 1.13.2. This makes it possible for unauthenticated attackers to...
CVE-2023-40607
Cross-Site Request Forgery CSRF vulnerability in CLUEVO CLUEVO LMS, E-Learning Platform plugin = 1.10.0 versions...
CVE-2021-25029
The CLUEVO LMS, E-Learning Platform WordPress plugin before 1.8.1 does not sanitise and escape Course's module, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2024-11328
The CLUEVO LMS, E-Learning Platform plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 1.13.2. This makes it possible for unauthenticated attackers to...
CVE-2024-11328 CLUEVO LMS, E-Learning Platform <= 1.13.2 - Reflected Cross-Site Scripting
The CLUEVO LMS, E-Learning Platform plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 1.13.2. This makes it possible for unauthenticated attackers to...
CVE-2024-11328
CVE-2024-11328 affects the CLUEVO LMS, a WordPress plugin, in versions up to and including 1.13.2. The issue is Reflected Cross-Site Scripting caused by using add_query_arg and remove_query_arg without proper escaping on the URL. Information from Red Hat and Wordfence confirms the vulnerability, ...
CVE-2024-11328 CLUEVO LMS, E-Learning Platform <= 1.13.2 - Reflected Cross-Site Scripting
The CLUEVO LMS, E-Learning Platform plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 1.13.2. This makes it possible for unauthenticated attackers to...
WordPress CLUEVO LMS, E-Learning Platform plugin <= 1.13.2 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin CLUEVO LMS, E-Learning Platform versions = 1.13.2...
PT-2025-1638 · WordPress · Cluevo Lms
Name of the Vulnerable Software and Affected Versions: CLUEVO LMS, E-Learning Platform plugin for WordPress versions up to, and including, 1.13.2 Description: The issue is related to Reflected Cross-Site Scripting due to the use of add query arg and remove query arg without appropriate escaping o...
WordPress plugin CLUEVO LMS, E-Learning Platform 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blogs on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin CLUEVO LMS, E-Learning Platform...
CVE-2024-11444
The CLUEVO LMS, E-Learning Platform plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.13.2. This is due to missing or incorrect nonce validation on the cluevorendermoduleui function. This makes it possible for unauthenticated attackers to...
CVE-2024-11444 CLUEVO LMS, E-Learning Platform <= 1.13.2 - Cross-Site Request Forgery to Module Deletion
The CLUEVO LMS, E-Learning Platform plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.13.2. This is due to missing or incorrect nonce validation on the cluevorendermoduleui function. This makes it possible for unauthenticated attackers to...
CVE-2024-11444
CVE-2024-11444 : CLUEVO LMS (WordPress plugin)
CVE-2024-11444 CLUEVO LMS, E-Learning Platform <= 1.13.2 - Cross-Site Request Forgery to Module Deletion
The CLUEVO LMS, E-Learning Platform plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.13.2. This is due to missing or incorrect nonce validation on the cluevorendermoduleui function. This makes it possible for unauthenticated attackers to...
PT-2024-16998 · WordPress · Cluevo Lms
Name of the Vulnerable Software and Affected Versions: CLUEVO LMS, E-Learning Platform plugin for WordPress versions up to, and including, 1.13.2 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the cluevo render module ui function...