9 matches found
CVE-2026-1998 micropython runtime.c mp_import_all memory corruption
A flaw has been found in micropython up to 1.27.0. This vulnerability affects the function mpimportall of the file py/runtime.c. This manipulation causes memory corruption. The attack needs to be launched locally. The exploit has been published and may be used. Patch name:...
CVE-2025-12099
The Academy LMS – WordPress LMS Plugin for Complete eLearning Solution plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.3.8 via deserialization of untrusted input in the 'importallcourses' function. This makes it possible for authenticated...
EUVD-2025-38367
The Academy LMS – WordPress LMS Plugin for Complete eLearning Solution plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.3.8 via deserialization of untrusted input in the 'importallcourses' function. This makes it possible for authenticated...
CVE-2025-12099
The Academy LMS – WordPress LMS Plugin for Complete eLearning Solution plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.3.8 via deserialization of untrusted input in the 'importallcourses' function. This makes it possible for authenticated...
CVE-2025-12099
CVE-2025-12099 affects the Academy LMS – WordPress LMS Plugin for Complete eLearning Solution, with versions ≤ 3.3.8 vulnerable to PHP Object Injection via deserialization in import_all_courses. An authenticated attacker with Administrator+ rights can inject a PHP Object; impact depends on whethe...
CVE-2025-12099 Academy LMS – WordPress LMS Plugin for Complete eLearning Solution <= 3.3.8 - Authenticated (Administrator+) PHP Object Injection via 'import_all_courses'
The Academy LMS – WordPress LMS Plugin for Complete eLearning Solution plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.3.8 via deserialization of untrusted input in the 'importallcourses' function. This makes it possible for authenticated...
CVE-2025-12099 Academy LMS – WordPress LMS Plugin for Complete eLearning Solution <= 3.3.8 - Authenticated (Administrator+) PHP Object Injection via 'import_all_courses'
The Academy LMS – WordPress LMS Plugin for Complete eLearning Solution plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.3.8 via deserialization of untrusted input in the 'importallcourses' function. This makes it possible for authenticated...
WordPress plugin Academy LMS – WordPress LMS Plugin for Complete eLearning Solution 代码问题漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, with the ability to host personal blog sites on PHP and MySQL based servers.WordPress...
CVE-2022-3244
CVE-2022-3244 pertains to the WordPress plugin “Import all XML, CSV & TXT”. Affected versions are prior to 6.5.8, with a lack of authorization in certain areas that could allow any authenticated user to access some plugin features if they obtain the related nonce. This is a post-authentication is...