WordPress plugin DesignThemes LMS 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

EUVD-2025-13296

Malicious code in bioql PyPI...

EUVD-2024-49044

Malicious code in bioql PyPI...

PT-2025-18761 · WordPress · Mstore Api +1

Name of the Vulnerable Software and Affected Versions: MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress versions up to, and including, 4.17.4 Description: The issue is related to limited privilege escalation due to a lack of restriction of role when registering,...

PT-2025-17351 · WordPress · Urbango Membership

Name of the Vulnerable Software and Affected Versions: UrbanGo Membership plugin for WordPress versions up to, and including, 1.0.4 Description: The issue is related to privilege escalation due to the plugin allowing users who are registering new accounts to set their own role or by supplying the...

CVE-2024-4444 LearnPress – WordPress LMS Plugin <= 4.2.6.5 - Unauthenticated Bypass to User Registration

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to bypass to user registration in versions up to, and including, 4.2.6.5. This is due to missing checks in the 'createaccount' function in the checkout. This makes it possible for unauthenticated attackers to register as the...

CVE-2024-4444

CVE-2024-4444 affects the LearnPress – WordPress LMS Plugin for WordPress. The vulnerability is in LearnPress versions up to 4.2.6.5 and is caused by missing checks in the checkout’s create_account function, enabling unauthenticated attackers to register as the site’s default role even when regis...