Namaste! Lms Security Vulnerabilities and Issues — Namaste! Lms CVE List

Lucene search

KibokolabsNamaste! Lms

4 matches found

CVE•added 2023/11/15 1:15 p.m.•69 views

CVE-2023-4602

The Namaste! LMS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'course_id' parameter in versions up to, and including, 2.6.1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scri...

6.1CVSS6.2AI score0.0087EPSS

CVE•added 2023/02/27 4:15 p.m.•56 views

CVE-2023-0548

The Namaste! LMS WordPress plugin before 2.5.9.4 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

4.8CVSS4.7AI score0.00113EPSS

CVE•added 2023/03/13 5:15 p.m.•46 views

CVE-2023-0844

The Namaste! LMS WordPress plugin before 2.6 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

4.8CVSS5AI score0.00093EPSS

CVE•added 2023/04/06 11:15 a.m.•30 views

CVE-2023-24383

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Namaste! LMS plugin

5.9CVSS4.9AI score0.00106EPSS