Lucene search
K

8 matches found

CVE
CVE
added 2026/01/22 4:52 p.m.8 views

CVE-2025-69097

CVE-2025-69097 describes an unauthenticated path traversal vulnerability in the WordPress WPLMS plugin (VibeThemes) that enables arbitrary file deletion. Affected: WPLMS plugin versions up to and including 1.9.9.5.4. Public sources (CVE records and Red Hat/Reddit references) allege the issue, wit...

8.6CVSS5.4AI score0.00479EPSS
Exploits0References1
NVD
NVD
added 2025/12/09 4:18 p.m.3 views

CVE-2025-63035

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VibeThemes WPLMS wplmsplugin allows DOM-Based XSS.This issue affects WPLMS: from n/a through = 1.9.9.5.4...

6.5CVSS0.00161EPSS
Exploits0References1
OSV
OSV
added 2024/12/31 1:15 p.m.3 views

CVE-2024-56046

Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a through 1.9.9...

9.8CVSS5.8AI score0.00743EPSS
Exploits0References1
OSV
OSV
added 2024/12/31 1:15 p.m.4 views

CVE-2024-56042

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in VibeThemes WPLMS allows SQL Injection.This issue affects WPLMS: from n/a before 1.9.9.5.3...

9.8CVSS7.6AI score0.00688EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/31 12:0 a.m.4 views

PT-2024-36679 · Vibethemes · Wplms

Name of the Vulnerable Software and Affected Versions: VibeThemes WPLMS versions 1.9.9 and earlier Description: The issue is related to an authentication bypass using an alternate path or channel, allowing unauthorized access. This problem lets a user bypass authentication using another path...

9.8CVSS9.6AI score0.00796EPSS
Exploits0References7
OSV
OSV
added 2024/12/18 7:15 p.m.2 views

CVE-2024-56055

Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue affects WPLMS: from n/a before 1.9.9.5.2...

8.8CVSS7.3AI score0.00459EPSS
Exploits0References1
OSV
OSV
added 2024/12/18 7:15 p.m.3 views

CVE-2024-56052

Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a before 1.9.9.5.2...

8.8CVSS7.5AI score0.00682EPSS
Exploits0References1
OSV
OSV
added 2023/07/11 1:15 p.m.4 views

CVE-2023-36690

Cross-Site Request Forgery CSRF vulnerability in VibeThemes WPLMS theme = 4.900 versions...

8.8CVSS7.3AI score0.00248EPSS
Exploits0References1
Rows per page
Query Builder