44 matches found
CVE-2020-6009
LearnDash Wordpress plugin version below 3.1.6 is vulnerable to Unauthenticated SQL Injection...
LearnDash WordPress LMS 3.1.2 Cross Site Scripting
Exploit Title: LearnDash WordPress LMS Plugin 3.1.2 - Reflective Cross-Site Scripting Date: 2020-01-14 Vendor Homepage: https://www.learndash.com Vendor Changelog: https://learndash.releasenotes.io/release/uCskc-version-312 Exploit Author: Jinson Varghese Behanan Author Advisory:...
CVE-2020-7108
The LearnDash LMS plugin before 3.1.2 for WordPress allows XSS via the ld-profile search field...
PT-2020-19376 · WordPress · Learndash Lms
Name of the Vulnerable Software and Affected Versions: LearnDash LMS plugin versions prior to 3.1.2 Description: The issue allows for XSS via the ld-profile search field. Recommendations: For versions prior to 3.1.2, update to version 3.1.2 or later to resolve the issue...