CVE-2025-68982

Missing Authorization vulnerability in designthemes DesignThemes LMS Addon designthemes-lms-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DesignThemes LMS Addon: from n/a through = 2.6...

CVE-2025-68982 WordPress DesignThemes LMS Addon plugin <= 2.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in designthemes DesignThemes LMS Addon designthemes-lms-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DesignThemes LMS Addon: from n/a through = 2.6...

CVE-2025-68982 WordPress DesignThemes LMS Addon plugin <= 2.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in designthemes DesignThemes LMS Addon designthemes-lms-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DesignThemes LMS Addon: from n/a through = 2.6...

WordPress DesignThemes LMS Addon plugin <= 2.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin DesignThemes LMS Addon versions = 2.6...

WordPress DesignThemes LMS plugin <= 1.0.4 - Unauthenticated Privilege Escalation vulnerability

Unauthenticated Privilege Escalation vulnerability discovered by シルAsuna in WordPress Plugin DesignThemes LMS versions = 1.0.4...

CVE-2025-13542 DesignThemes LMS <= 1.0.4 - Unauthenticated Privilege Escalation

The DesignThemes LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.4. This is due to the 'dtlmsregisteruserfrontend' function not restricting what user roles a user can register with. This makes it possible for unauthenticated attackers to...

WordPress plugin DesignThemes LMS 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

EUVD-2025-19302

Malicious code in bioql PyPI...

EUVD-2025-20005

Malicious code in bioql PyPI...

CVE-2025-52833

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in designthemes LMS lms allows SQL Injection.This issue affects LMS: from n/a through = 9.2...

CVE-2025-52833

CVE-2025-52833 is an SQL injection in designthemes LMS (WordPress LMS theme). Affected versions are n/a through 9.1; impact is high (CVSS 3.1 base 9.3) with full confidentiality impact and partial integrity/availability concerns. Root cause: improper neutralization of special elements used in SQL...

PT-2025-27943 · Designthemes · Designthemes Lms

Name of the Vulnerable Software and Affected Versions: designthemes LMS versions n/a through 9.1 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. Recommendations: F...

CVE-2025-52799

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in designthemes LMS lms allows Reflected XSS.This issue affects LMS: from n/a through = 9.2...

CVE-2025-52799

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in designthemes LMS lms allows Reflected XSS.This issue affects LMS: from n/a through = 9.2...

PT-2025-27126 · Designthemes · Designthemes Lms

Name of the Vulnerable Software and Affected Versions: designthemes LMS versions n/a through 9.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means that an attacker can inject...