Browse all 6 CVE security advisories affecting learningtimes. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-47647 | WordPress BadgeOS plugin <= 3.7.1.6 - Broken Access Control vulnerability — BadgeOSCWE-862 | 4.3 | Medium | 2025-01-02 |
| CVE-2023-2173 | BadgeOS <= 3.7.1.6 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Post Deletion — BadgeOSCWE-639 | 6.5 | Medium | 2023-08-31 |
| CVE-2023-2171 | BadgeOS <= 3.7.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — BadgeOSCWE-79 | 5.4 | Medium | 2023-08-31 |
| CVE-2023-2174 | BadgeOS <= 3.7.1.6 - Missing Authorization in delete_badgeos_log_entries — BadgeOSCWE-862 | 4.3 | Medium | 2023-08-31 |
| CVE-2023-2172 | BadgeOS <= 3.7.1.6 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Post Title Overwrite — BadgeOSCWE-639 | 4.3 | Medium | 2023-08-31 |
| CVE-2022-41987 | WordPress BadgeOS Plugin <= 3.7.1.6 is vulnerable to Cross Site Request Forgery (CSRF) — BadgeOSCWE-352 | 6.3 | Medium | 2023-05-25 |
This page lists every published CVE security advisory associated with learningtimes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.