8 matches found
CVE-2026-5167
The Masteriyo LMS – Online Course Builder for eLearning, LMS & Education plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in versions up to and including 2.1.7. This is due to insufficient webhook signature verification in the handlewebhook function. The...
EUVD-2026-20117
The Masteriyo LMS – Online Course Builder for eLearning, LMS & Education plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in versions up to and including 2.1.7. This is due to insufficient webhook signature verification in the handlewebhook function. The...
CVE-2026-5167
The Masteriyo LMS – Online Course Builder for eLearning, LMS & Education plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in versions up to and including 2.1.7. This is due to insufficient webhook signature verification in the handlewebhook function. The...
PT-2026-31102
Name of the Vulnerable Software and Affected Versions Masteriyo LMS – Online Course Builder for eLearning, LMS & Education plugin for WordPress versions up to and including 2.1.7 Description The Masteriyo LMS plugin is affected by an authorization bypass issue. Insufficient webhook signature...
Aimeos Security Breach
Aimeos is an open source e-commerce framework for online stores open-sourced by Aimeos. A security vulnerability exists in Aimeos versions prior to 2020.10.27, 2021.10.21, 2022.10.12, 2023.10.14, and 2024.04.5, which stems from digital downloadable content sold in an online store that can be...
Toll fraud malware: How an Android application can drain your wallet
Toll fraud malware, a subcategory of billing fraud in which malicious applications subscribe users to premium services without their knowledge or consent, is one of the most prevalent types of Android malware – and it continues to evolve. Compared to other subcategories of billing fraud, which...
Toll fraud malware: How an Android application can drain your wallet
Toll fraud malware, a subcategory of billing fraud in which malicious applications subscribe users to premium services without their knowledge or consent, is one of the most prevalent types of Android malware – and it continues to evolve. Compared to other subcategories of billing fraud, which...
WordPress post-pay-counter plugin injection vulnerability
WordPress is the WordPress Foundation's set of blogging platform using PHP language development. The platform supports PHP and MySQL servers to set up a personal blog site. post-pay-counter is used in one of the online paid content billing, management plug-ins. An injection vulnerability exists i...