8 matches found

Positive Technologies
added 2026/06/06 12:0 a.m., 15 views

PT-2026-47134

Name of the Vulnerable Software and Affected Versions: LearnPress – WordPress LMS Plugin for Create and Sell Online Courses versions prior to 4.3.7
Description: An issue exists that allows unauthenticated attackers to extract sensitive data through an unrestricted SELECT fallback query. By sending ...

CVSS 5.3, AI score 5.5, EPSS 0.00353
Exploits 0, References 18

RedhatCVE
added 2026/06/05 7:11 p.m., 12 views

CVE-2026-8890

code100x contains an authentication bypass vulnerability in the Mobile API that allows unauthenticated attackers to impersonate arbitrary users by supplying a crafted JSON payload in the 'g' HTTP header. The middleware in middleware.ts skips identity header generation when an Auth-Key header is...

CVSS 8.8, AI score 5.6, EPSS 0.0049
Exploits 0, References 1

ATTACKERKB
added 2026/03/14 1:24 p.m., 3 views

CVE-2026-1870

The Thim Kit for Elementor – Pre-built Templates & Widgets for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to missing validation checks on the 'thim-ekit/archive-course/get-courses' REST endpoint callback function in all versions up to, and including, 1.3.7...

CVSS 5.3, AI score 5.8, EPSS 0.00262
Exploits 0, References 3

Positive Technologies
added 2025/10/27 12:0 a.m., 9 views

PT-2025-43936

Name of the Vulnerable Software and Affected Versions: LearnHouse versions prior to 98dfad76aad70711a8113f6c1fdabfccf10509ca
Description: A flaw exists in LearnHouse that allows for unrestricted file upload. The issue is located within the Course Thumbnail Handler component, specifically affecting ...

CVSS 9.8, AI score 6.6, EPSS 0.00377
Exploits 1, References 8

VulnCheck KEV
added 2024/09/12 12:0 a.m., 3 views

VulnCheck KEV: CVE-2024-8522

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to SQL Injection via the 'conlyfields' parameter of the /wp-json/learnpress/v1/courses REST API endpoint in all versions up to, and including, 4.2.7 due to insufficient escaping on the user supplied parameter and lack of...

CVSS 10, AI score 5.9, EPSS 0.61355
Exploits 6, References 1

OSV
added 2022/05/18 5:15 p.m., 2 views

CVE-2022-28924

An information disclosure vulnerability in UniverSIS-Students before v1.5.0 allows attackers to obtain sensitive information via a crafted GET request to the endpoint /api/students/me/courses/...

CVSS 6.5, AI score 5.8
Exploits 0, References 1

ATTACKERKB
added 2022/05/18 5:15 p.m., 1 views

CVE-2022-28924

An information disclosure vulnerability in UniverSIS-Students before v1.5.0 allows attackers to obtain sensitive information via a crafted GET request to the endpoint /api/students/me/courses/...

CVSS 6.5, AI score 5.9, EPSS 0.00935
Exploits 1, References 2

CNNVD
added 2022/05/18 12:0 a.m., 3 views

UniverSIS-students information disclosure vulnerability

UniverSIS-students is the interface for all student interactions in UniverSIS. An information disclosure vulnerability exists in UniverSIS-students prior to version 1.5.0, which stems from a lack of sensitive information protection in /api/students/me/courses/. An attacker can use this...

CVSS 6.5, AI score 6.5, EPSS 0.00935
Exploits 1, References 2