CVE-2025-69097

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in VibeThemes WPLMS wplmsplugin allows Path Traversal.This issue affects WPLMS: from n/a through = 1.9.9.5.4...

CVE-2025-69097 WordPress WPLMS plugin <= 1.9.9.5.4 - Arbitrary File Deletion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in VibeThemes WPLMS wplmsplugin allows Path Traversal.This issue affects WPLMS: from n/a through = 1.9.9.5.4...

CVE-2025-69097

CVE-2025-69097 describes an unauthenticated path traversal vulnerability in the WordPress WPLMS plugin (VibeThemes) that enables arbitrary file deletion. Affected: WPLMS plugin versions up to and including 1.9.9.5.4. Public sources (CVE records and Red Hat/Reddit references) allege the issue, wit...

PT-2026-4167

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in VibeThemes WPLMS wplms plugin allows Path Traversal.This issue affects WPLMS: from n/a through = 1.9.9.5.4...

WordPress plugin WPLMS has a path traversal vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

CVE-2025-63035

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VibeThemes WPLMS wplmsplugin allows DOM-Based XSS.This issue affects WPLMS: from n/a through = 1.9.9.5.4...

CVE-2025-63035

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VibeThemes WPLMS wplmsplugin allows DOM-Based XSS.This issue affects WPLMS: from n/a through = 1.9.9.5.4...

CVE-2025-63035

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VibeThemes WPLMS wplmsplugin allows DOM-Based XSS.This issue affects WPLMS: from n/a through = 1.9.9.5.4...

CVE-2025-63035 WordPress WPLMS plugin <= 1.9.9.5.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VibeThemes WPLMS wplmsplugin allows DOM-Based XSS.This issue affects WPLMS: from n/a through = 1.9.9.5.4...

CVE-2025-63035 WordPress WPLMS plugin <= 1.9.9.5.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VibeThemes WPLMS wplmsplugin allows DOM-Based XSS.This issue affects WPLMS: from n/a through = 1.9.9.5.4...

CVE-2025-63035

CVE-2025-63035 affects the WordPress WPLMS plugin (WPLMS wplms_plugin) up to version 1.9.9.5.4. The issue is a DOM-Based Cross-Site Scripting vulnerability caused by improper input neutralization during web page generation. This can enable script execution within the context of the affected site....

WordPress plugin WPLMS 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-sit...

WordPress WPLMS plugin <= 1.9.9.5.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin WPLMS versions = 1.9.9.5.4...

CVE-2025-53420

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VibeThemes WPLMS wplmsplugin allows Reflected XSS.This issue affects WPLMS: from n/a through = 1.9.9.8...

CVE-2025-53420

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VibeThemes WPLMS wplmsplugin allows Reflected XSS.This issue affects WPLMS: from n/a through = 1.9.9.8...

CVE-2025-53420

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VibeThemes WPLMS wplmsplugin allows Reflected XSS.This issue affects WPLMS: from n/a through = 1.9.9.8...

CVE-2025-49925

Missing Authorization vulnerability in VibeThemes WPLMS wplmsplugin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPLMS: from n/a through = 1.9.9.7...

CVE-2025-49925

Missing Authorization vulnerability in VibeThemes WPLMS wplmsplugin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPLMS: from n/a through = 1.9.9.7...

CVE-2025-53420 WordPress WPLMS plugin <= 1.9.9.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VibeThemes WPLMS wplmsplugin allows Reflected XSS.This issue affects WPLMS: from n/a through = 1.9.9.8...

CVE-2025-53420 WordPress WPLMS plugin <= 1.9.9.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VibeThemes WPLMS wplmsplugin allows Reflected XSS.This issue affects WPLMS: from n/a through = 1.9.9.8...