5 matches found
PT-2026-32084
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized private course enrollment in all versions up to, and including, 3.9.7. This is due to missing post status validation in the enroll now and course enrollment functions. Both enrollment endpoints...
WordPress plugin Tutor LMS – eLearning and online course solution 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...
CVE-2025-11701
The Zip Attachments plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check as well as missing post status validation in the zacreatezipcallback function in all versions up to, and including, 1.6. This makes it possible for unauthenticated attackers to...
CVE-2025-11701
The Zip Attachments plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check as well as missing post status validation in the zacreatezipcallback function in all versions up to, and including, 1.6. This makes it possible for unauthenticated attackers to...
EUVD-2025-34537
The Zip Attachments plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check as well as missing post status validation in the zacreatezipcallback function in all versions up to, and including, 1.6. This makes it possible for unauthenticated attackers to...