| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-59415 | Frappe Learning vulnerable to Malicious Content upload via Profile bio field | frappe | lms | Medium | 4.6 | 2025-09-17 21:07:58 | Deep Dive |
| CVE-2025-58993 | WordPress Tutor LMS Plugin <= 3.7.4 - SQL Injection Vulnerability | Themeum | Tutor LMS | High | 7.6 | 2025-09-09 16:33:07 | Deep Dive |
| CVE-2025-54744 | WordPress MasterStudy LMS plugin <= 3.6.15 - Broken Access Control vulnerability | Stylemix | MasterStudy LMS | Medium | 6.5 | 2025-09-05 16:15:39 | Deep Dive |
| CVE-2025-7841 | Sertifier Certificate & Badge Maker for WordPress – Tutor LMS <= 1.19 - Cross-Site Request Forgery to Settings Update | sertifier | Sertifier Certificate & Badge Maker for WordPress – Tutor LMS | Medium | 4.3 | 2025-08-23 04:25:49 | Deep Dive |
| CVE-2025-54699 | WordPress Masteriyo - LMS Plugin plugin <= 1.18.3 - Cross Site Scripting (XSS) Vulnerability | masteriyo | Masteriyo - LMS | Medium | 6.5 | 2025-08-14 10:34:55 | Deep Dive |
| CVE-2025-6184 | Tutor LMS Pro – eLearning and online course solution <= 3.7.0 - Authenticated (Tutor Instructor+) SQL Injection | themeum | Tutor LMS Pro | High | 8.8 | 2025-08-13 06:39:50 | Deep Dive |
| CVE-2025-55006 | Frappe Learning Holds Potential for Malicious SVG Upload in Image Upload Feature | frappe | lms | Medium | 4.3 | 2025-08-09 02:01:57 | Deep Dive |
| CVE-2025-8071 | Mine CloudVod <= 2.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via audio Parameter | 995525477-1 | Mine CloudVod LMS | Medium | 6.4 | 2025-07-24 09:22:17 | Deep Dive |
| CVE-2015-10139 | WPLMS Learning Management System for WordPress, WordPress LMS <= 1.8.4.1 - Privilege Escalation | VibeThemes | WPLMS Learning Management System for WordPress, WordPress LMS | High | 8.8 | 2025-07-19 11:23:37 | Deep Dive |
| CVE-2025-7438 | MasterStudy LMS – Online Courses, eLearning PRO Plus <= 4.7.9 - Authenticated (Subscriber+) Arbitrary File Upload | StylemixThemes | MasterStudy LMS Pro | High | 7.5 | 2025-07-18 06:45:33 | Deep Dive |
| CVE-2025-30973 | WordPress CoSchool LMS plugin <= 1.4.3 - PHP Object Injection Vulnerability | Codexpert, Inc | CoSchool LMS | Critical | 9.8 | 2025-07-16 11:28:08 | Deep Dive |
| CVE-2025-52833 | WordPress LMS theme <= 9.2 - SQL Injection Vulnerability | designthemes | LMS | Critical | 9.3 | 2025-07-04 11:17:51 | Deep Dive |
| CVE-2024-13786 | Education Center | LMS & Online Courses WordPress Theme <= 3.6.10 - PHP Object Injection | ThemeREX | Education Center | LMS & Online Courses WordPress Theme | Critical | 9.8 | 2025-07-02 06:40:24 | Deep Dive |
| CVE-2025-52799 | WordPress LMS theme <= 9.2 - Reflected Cross Site Scripting (XSS) Vulnerability | designthemes | LMS | High | 7.1 | 2025-06-27 11:52:23 | Deep Dive |
| CVE-2025-4800 | MasterStudy LMS Pro <= 4.7.0 - Authenticated (Subscriber+) Arbitrary File Upload | StylemixThemes | MasterStudy LMS Pro | High | 8.8 | 2025-05-28 05:24:22 | Deep Dive |
| CVE-2024-33939 | WordPress LMS by Masteriyo plugin <= 1.7.3 - Broken Authentication vulnerability | masteriyo | Masteriyo - LMS | Medium | 5.3 | 2025-05-19 15:55:19 | Deep Dive |
| CVE-2024-8009 | Sensei LMS < 4.20.0 - Teacher+ Users Email Address Disclosure | Unknown | Sensei LMS | - | - | 2025-05-15 20:09:47 | Deep Dive |
| CVE-2025-2101 | Edumall <= 4.2.4 - Unauthenticated Local File Inclusion | ThemeMove | EduMall - Professional LMS Education Center WordPress Theme | High | 8.1 | 2025-04-26 08:23:21 | Deep Dive |
| CVE-2025-32230 | WordPress Tutor LMS plugin <= 3.4.0 - HTML Injection vulnerability | Themeum | Tutor LMS | Medium | 4.3 | 2025-04-10 08:09:46 | Deep Dive |
| CVE-2025-32237 | WordPress MasterStudy LMS plugin <= 3.5.28 - Broken Access Control vulnerability | Stylemix | MasterStudy LMS | Medium | 4.3 | 2025-04-04 15:59:21 | Deep Dive |