Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now
Associated Vulnerability
Clear Filters
Found 394 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-68982 WordPress DesignThemes LMS Addon plugin <= 2.6 - Broken Access Control vulnerability designthemesDesignThemes LMS Addon Medium 5.3 2025-12-30 10:47:49 Deep Dive
CVE-2025-68527 WordPress Academy LMS plugin <= 3.4.0 - Cross Site Scripting (XSS) vulnerability Kodezen LLCAcademy LMS Medium 6.5 2025-12-24 12:31:25 Deep Dive
CVE-2025-64270 WordPress Masteriyo - LMS plugin <= 2.0.3 - Sensitive Data Exposure vulnerability masteriyoMasteriyo - LMS--2025-12-18 07:22:15 Deep Dive
CVE-2025-64214 WordPress MasterStudy LMS Pro plugin < 4.7.16 - Arbitrary Content Deletion vulnerability StylemixThemesMasterStudy LMS Pro High 7.5 2025-12-18 07:22:12 Deep Dive
CVE-2025-64213 WordPress MasterStudy LMS Pro plugin < 4.7.16 - Sensitive Data Exposure vulnerability StylemixThemesMasterStudy LMS Pro--2025-12-18 07:22:12 Deep Dive
CVE-2025-13956 LearnPress – WordPress LMS Plugin <= 4.3.1 - Missing Authorization to Unauthenticated Orders Statistics Exposure thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses Medium 5.3 2025-12-16 04:31:35 Deep Dive
CVE-2023-53876 Academy LMS 6.1 Arbitrary File Upload Vulnerability via Profile Settings CreativeitemAcademy LMS--2025-12-15 20:28:17 Deep Dive
CVE-2025-14387 LearnPress – WordPress LMS Plugin <= 4.3.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting via get_profile_social thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses Medium 6.4 2025-12-15 15:30:55 Deep Dive
CVE-2025-14156 Fox LMS – WordPress LMS Plugin 1.0.4.7 - 1.0.5.1 - Unauthenticated Privilege Escalation via 'createOrder' ays-proFox LMS – WordPress LMS Plugin Critical 9.8 2025-12-15 14:25:13 Deep Dive
CVE-2025-67734 Frappe Authenticated Users can Execute JavaScript through its Job Form frappelms--2025-12-12 19:48:59 Deep Dive
CVE-2025-67730 Frappe authenticated users can execute XSS through form description fields frappelms--2025-12-12 07:23:54 Deep Dive
CVE-2025-63042 WordPress Tutor LMS Elementor Addons plugin <= 3.0.1 - Cross Site Scripting (XSS) vulnerability ThemeumTutor LMS Elementor Addons--2025-12-09 14:52:31 Deep Dive
CVE-2025-66581 Frappe LMS is Missing Server-Side Authorization in Business Logic frappelms 中危 -2025-12-05 18:26:21 Deep Dive
CVE-2025-13542 DesignThemes LMS <= 1.0.4 - Unauthenticated Privilege Escalation DesignThemesDesignThemes LMS Critical 9.8 2025-12-02 19:27:16 Deep Dive
CVE-2025-11368 LearnPress – WordPress LMS Plugin <= 4.2.9.4 - Missing Authorization to Unauthenticated Arbitrary Callback Execution to Information Exposure thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses Medium 5.3 2025-11-21 05:32:05 Deep Dive
CVE-2025-11923 LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes - Various Versions - Authenticated (Student+) Privilege Escalation chrisbadgettLifterLMS – WP LMS for eLearning, Online Courses, & Quizzes High 8.8 2025-11-13 03:27:39 Deep Dive
CVE-2025-64707 Frappe LMS revoking access did not show immediate effect as roles were cached frappelms 低危 -2025-11-12 22:27:55 Deep Dive
CVE-2025-64705 Frappe user was able to access the submission of other students frappelms 中危 -2025-11-12 22:25:50 Deep Dive
CVE-2025-12098 Academy LMS Pro <= 3.3.8 - Unauthenticated Sensitive Information Exposure via 'enqueue_social_login_script' academylmsAcademy LMS Pro Medium 5.3 2025-11-08 08:27:42 Deep Dive
CVE-2025-12099 Academy LMS – WordPress LMS Plugin for Complete eLearning Solution <= 3.3.8 - Authenticated (Administrator+) PHP Object Injection via 'import_all_courses' kodezenAcademy LMS – WordPress LMS Plugin for Complete eLearning Solution High 7.2 2025-11-08 08:27:41 Deep Dive