Lucene search
K

7 matches found

EUVD
EUVD
added yesterday9 views

EUVD-2026-41469

The Cookie Banner for GDPR / CCPA – WPLP Cookie Consent plugin for WordPress is vulnerable to generic SQL Injection via the 's' parameter in all versions up to, and including, 4.3.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...

4.9CVSS5.8AI score
Exploits0References6
Cvelist
Cvelist
added 2026/05/14 3:27 a.m.53 views

CVE-2026-7648 LearnPress – WordPress LMS Plugin for Create and Sell Online Courses <= 4.3.5 - Authenticated (Subscriber+) Payment Bypass to Free Course Enrollment via 'quantity' Parameter

The LearnPress – WordPress LMS Plugin for Create and Sell Online Courses plugin for WordPress is vulnerable to payment bypass through user-controlled key in all versions up to, and including, 4.3.5. This is due to improper handling of user-supplied request parameters in the REST API endpoint, whi...

4.3CVSS0.00423EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.17 views

PT-2026-40851

The LearnPress – WordPress LMS Plugin for Create and Sell Online Courses plugin for WordPress is vulnerable to payment bypass through user-controlled key in all versions up to, and including, 4.3.5. This is due to improper handling of user-supplied request parameters in the REST API endpoint, whi...

4.3CVSS5.8AI score0.00423EPSS
Exploits0References9
Fedora
Fedora
added 2025/12/05 2:11 a.m.7 views

[SECURITY] Fedora 43 Update: libcoap-4.3.5a-1.fc43

The Constrained Application Protocol CoAP is a specialized web transfer protocol for use with constrained nodes and constrained networks in the Inter net of Things. The protocol is designed for machine-to-machine M2M applications such as smart energy and building automation. libcoap implements a...

9.8CVSS7AI score0.00415EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/11/24 12:0 a.m.6 views

PT-2025-47915

Name of the Vulnerable Software and Affected Versions libcoap version 4.3.5 Description A flaw exists in libcoap where a null pointer dereference in the coap dtls info callback function can occur. This happens during a DTLS handshake when SSL get app data returns NULL, potentially leading to a...

4.3CVSS6.3AI score0.00226EPSS
Exploits0References12
OSV
OSV
added 2018/11/28 4:29 p.m.3 views

CVE-2018-14749

Buffer Overflow vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and earlier versions could have unspecified impact on the NAS...

9.8CVSS5.8AI score
Exploits0References1
OSV
OSV
added 2018/11/28 4:29 p.m.3 views

CVE-2018-14746

Command Injection vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and earlier versions could allow remote attackers to run arbitrary commands on the NAS...

9.8CVSS6AI score0.03302EPSS
Exploits0References1
Rows per page
Query Builder