CVE-2026-39354

Scoold is a Q and a knowledge sharing platform for teams. Prior to 1.66.2, an authenticated authorization flaw in Scoold allows any logged-in, low-privilege user to overwrite another user's existing question by supplying that question's public ID as the postId parameter to POST /questions/ask...

CVE-2026-39354

Scoold is a Q&A and a knowledge sharing platform for teams. Prior to 1.66.2, an authenticated authorization flaw in Scoold allows any logged-in, low-privilege user to overwrite another user's existing question by supplying that question's public ID as the postId parameter to POST /questions/ask...

PT-2026-30976

Scoold is a Q&A and a knowledge sharing platform for teams. Prior to 1.66.2, an authenticated authorization flaw in Scoold allows any logged-in, low-privilege user to overwrite another user's existing question by supplying that question's public ID as the postId parameter to POST /questions/ask...

Scoold 安全漏洞

Scoold is a team-based Q&A and knowledge-sharing platform developed by Erudika. Versions of Scoold prior to 1.66.2 contained security vulnerabilities. These vulnerabilities were due to authorization flaws, which could allow low-privilege users to override the permissions of other users...

CVE-2024-11366

The SEO Landing Page Generator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.66.2. This makes it possible for unauthenticated attackers to inject arbitrary web...

PT-2024-16938 · WordPress · Seo Landing Page Generator

Name of the Vulnerable Software and Affected Versions: SEO Landing Page Generator plugin for WordPress versions up to, and including, 1.66.2 Description: The issue is related to Reflected Cross-Site Scripting due to the use of add query arg without proper escaping on the URL. This allows...