Skip to main content

Wordpress Learning Management System

2 CVEs product

Monthly

CVE-2024-10470 CRITICAL Act Now

The WPLMS Learning Management System for WordPress, WordPress LMS theme for WordPress is vulnerable to arbitrary file read and deletion due to insufficient file path validation and permissions checks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Path Traversal PHP WordPress Wordpress Learning Management System
NVD
CVSS 3.1
9.8
EPSS
33.9%
CVE-2023-36690 HIGH This Week

Cross-Site Request Forgery (CSRF) vulnerability in VibeThemes WPLMS theme <= 4.900 versions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Wordpress Learning Management System
NVD
CVSS 3.1
8.8
EPSS
0.3%
EPSS 34% CVSS 9.8
CRITICAL Act Now

The WPLMS Learning Management System for WordPress, WordPress LMS theme for WordPress is vulnerable to arbitrary file read and deletion due to insufficient file path validation and permissions checks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Path Traversal PHP +2
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Cross-Site Request Forgery (CSRF) vulnerability in VibeThemes WPLMS theme <= 4.900 versions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Wordpress Learning Management System
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy