Filtered by vendor Vibethemes
Subscribe
Filtered by product Wordpress Learning Management System
Subscribe
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-10139 | 1 Vibethemes | 1 Wordpress Learning Management System | 2025-12-16 | N/A | 8.8 HIGH |
| The WPLMS theme for WordPress is vulnerable to Privilege Escalation in versions 1.5.2 to 1.8.4.1 via the 'wp_ajax_import_data' AJAX action. This makes it possible for authenticated attackers to change otherwise restricted settings and potentially create a new accessible admin account. | |||||
| CVE-2024-56055 | 1 Vibethemes | 1 Wordpress Learning Management System | 2025-12-12 | N/A | 8.5 HIGH |
| Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue affects WPLMS: from n/a before 1.9.9.5.2. | |||||
| CVE-2025-63035 | 1 Vibethemes | 1 Wordpress Learning Management System | 2025-12-12 | N/A | 6.5 MEDIUM |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VibeThemes WPLMS wplms_plugin allows DOM-Based XSS.This issue affects WPLMS: from n/a through <= 1.9.9.5.4. | |||||