51 matches found
WordPress plugin WPLMS 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress plugin WPLMS 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress plugin WPLMS 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...
PT-2024-36678 · Vibethemes · Wplms
Name of the Vulnerable Software and Affected Versions: WPLMS versions 1.9.9 and earlier Description: The issue is related to an Incorrect Privilege Assignment vulnerability, which allows Privilege Escalation. This vulnerability affects the VibeThemes WPLMS plugin. Recommendations: For versions...
CVE-2024-56047
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in VibeThemes WPLMS allows SQL Injection.This issue affects WPLMS: from n/a before 1.9.9.5.3...
CVE-2024-56047 WordPress WPLMS plugin < 1.9.9.5.3 - Subscriber+ SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in VibeThemes WPLMS allows SQL Injection.This issue affects WPLMS: from n/a before 1.9.9.5.3...
CVE-2024-56053 WordPress WPLMS plugin < 1.9.9.5.3 - Instructor+ SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in VibeThemes WPLMS wplmsplugin allows SQL Injection.This issue affects WPLMS: from n/a through 1.9.9.5.3...
CVE-2024-56048
CVE-2024-56048 affects WPLMS (WordPress LMS) up to version 1.9.9. The vulnerability is a Missing Authorization/Unauthenticated Privilege Escalation that allows updating privileged options and accessing restricted functionality, with reported exploitation in multiple disclosures. Several connected...
CVE-2024-56048 WordPress WPLMS plugin <= 1.9.9 - Arbitrary Option Update to Privilege Escalation vulnerability
Missing Authorization vulnerability in VibeThemes WPLMS allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPLMS: from n/a through 1.9.9...
CVE-2024-56052
CVE-2024-56052 : Unrestricted Upload of File with Dangerous Type in the WordPress LMS plugin WPLMS allows uploading a web shell to the web server. Affected: WPLMS versions prior to 1.9.9.5.2. Impact is described as severe, with CVSS ratings in sources indicating HIGH/CRITICAL levels (e.g., base s...
CVE-2024-56052 WordPress WPLMS plugin < 1.9.9.5.2 - Student+ Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS wplmsplugin allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a through 1.9.9.5.2...
CVE-2024-56054
CVE-2024-56054 affects the WordPress plugin WPLMS by VibeThemes. The connected Red Hat/Wordfence entries confirm an Unrestricted Upload of File with Dangerous Type vulnerability that enables uploading a web shell to the web server in WPLMS versions prior to 1.9.9.5.2. According to NVD, the CVSSv3...
CVE-2024-56054 WordPress WPLMS plugin < 1.9.9.5.2 - Instructor+ Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS wplmsplugin allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a through 1.9.9.5.2...
CVE-2024-56057 WordPress WPLMS plugin < 1.9.9.5.2 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS wplmsplugin allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a through 1.9.9.5.2...
CVE-2024-56057 WordPress WPLMS plugin < 1.9.9.5.2 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS wplmsplugin allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a through 1.9.9.5.2...
CVE-2024-56055 WordPress WPLMS plugin < 1.9.9.5.2 - Arbitrary Directory Deletion vulnerability
Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue affects WPLMS: from n/a before 1.9.9.5.2...
CVE-2024-56055
CVE-2024-56055 describes a path traversal vulnerability in the WPLMS WordPress plugin. The issue allows arbitrary directory deletion through path traversal in WPLMS versions up to 1.9.9.5.2 (authenticated as Contributor+). Public records indicate the root cause is a path traversal misconfiguratio...
WordPress plugin WPLMS SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...
WordPress plugin WPLMS 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A code issue...
WordPress plugin WPLMS 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...