4 matches found
WordPress Academy LMS Plugin <= 2.0.10 is vulnerable to Open Redirection
Software Academy LMS Type Plugin Vulnerable versions = 2.0.10 Fixed in 2.0.11 OWASP Top 10 A3: Injection Classification Open Redirection CVE CVE-2024-37234 Patch priority Low CVSS severity Low 3.5 Developer Claim ownership PSID 657d1fa47413 Credits Mochamad Sofyan Required privilege Subscriber...
WordPress Appointment Hour Booking plugin <= 1.4.56 - Captcha Bypass vulnerability
Captcha Bypass vulnerability discovered by Mochamad Sofyan Patchstack Alliance in WordPress Plugin Appointment Hour Booking versions = 1.4.56...
WordPress Academy LMS plugin <= 1.9.16 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Mochamad Sofyan Patchstack Alliance in WordPress Plugin Academy LMS versions = 1.9.16...
WordPress EventPrime Plugin <= 3.3.9 is vulnerable to Cross Site Scripting (XSS)
Software EventPrime Type Plugin Vulnerable versions = 3.3.9 Fixed in 3.4.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29776 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 775222193de6 Credits Mochamad Sofyan Required privilege...