Filtered by vendor Vibethemes
Subscribe
Total
22 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-10139 | 1 Vibethemes | 1 Wordpress Learning Management System | 2025-12-16 | N/A | 8.8 HIGH |
| The WPLMS theme for WordPress is vulnerable to Privilege Escalation in versions 1.5.2 to 1.8.4.1 via the 'wp_ajax_import_data' AJAX action. This makes it possible for authenticated attackers to change otherwise restricted settings and potentially create a new accessible admin account. | |||||
| CVE-2024-56044 | 1 Vibethemes | 1 Wordpress Learning Management System | 2025-12-15 | N/A | 9.8 CRITICAL |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in VibeThemes WPLMS allows Authentication Bypass.This issue affects WPLMS: from n/a through 1.9.9. | |||||
| CVE-2023-36690 | 1 Vibethemes | 1 Wordpress Learning Management System | 2025-12-15 | N/A | 8.1 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in VibeThemes WPLMS theme <= 4.900 versions. | |||||
| CVE-2024-56045 | 1 Vibethemes | 1 Wordpress Learning Management System | 2025-12-12 | N/A | 9.3 CRITICAL |
| Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue affects WPLMS: from n/a before 1.9.9.5. | |||||
| CVE-2025-49925 | 1 Vibethemes | 1 Wordpress Learning Management System | 2025-12-12 | N/A | 7.3 HIGH |
| Missing Authorization vulnerability in VibeThemes WPLMS wplms_plugin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPLMS: from n/a through <= 1.9.9.7. | |||||
| CVE-2024-56047 | 1 Vibethemes | 1 Wordpress Learning Management System | 2025-12-12 | N/A | 8.5 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VibeThemes WPLMS allows SQL Injection.This issue affects WPLMS: from n/a before 1.9.9.5.3. | |||||
| CVE-2024-56048 | 1 Vibethemes | 1 Wordpress Learning Management System | 2025-12-12 | N/A | 8.8 HIGH |
| Missing Authorization vulnerability in VibeThemes WPLMS allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPLMS: from n/a through 1.9.9. | |||||
| CVE-2024-56049 | 1 Vibethemes | 1 Wordpress Learning Management System | 2025-12-12 | N/A | 8.5 HIGH |
| Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue affects WPLMS: from n/a before 1.9.9.5.2. | |||||
| CVE-2024-56050 | 1 Vibethemes | 1 Wordpress Learning Management System | 2025-12-12 | N/A | 9.9 CRITICAL |
| Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a before 1.9.9.5.3. | |||||
| CVE-2024-56051 | 1 Vibethemes | 1 Wordpress Learning Management System | 2025-12-12 | N/A | 8.5 HIGH |
| Improper Control of Generation of Code ('Code Injection') vulnerability in VibeThemes WPLMS allows Code Injection.This issue affects WPLMS: from n/a before 1.9.9.5. | |||||
| CVE-2024-56052 | 1 Vibethemes | 1 Wordpress Learning Management System | 2025-12-12 | N/A | 9.9 CRITICAL |
| Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a before 1.9.9.5.2. | |||||
| CVE-2024-56053 | 1 Vibethemes | 1 Wordpress Learning Management System | 2025-12-12 | N/A | 7.6 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VibeThemes WPLMS allows SQL Injection.This issue affects WPLMS: from n/a before 1.9.9.5.3. | |||||
| CVE-2024-56054 | 1 Vibethemes | 1 Wordpress Learning Management System | 2025-12-12 | N/A | 9.1 CRITICAL |
| Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a before 1.9.9.5.2. | |||||
| CVE-2024-56055 | 1 Vibethemes | 1 Wordpress Learning Management System | 2025-12-12 | N/A | 8.5 HIGH |
| Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue affects WPLMS: from n/a before 1.9.9.5.2. | |||||
| CVE-2024-56057 | 1 Vibethemes | 1 Wordpress Learning Management System | 2025-12-12 | N/A | 9.9 CRITICAL |
| Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a before 1.9.9.5.2. | |||||
| CVE-2024-56042 | 1 Vibethemes | 1 Wordpress Learning Management System | 2025-12-12 | N/A | 9.3 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VibeThemes WPLMS allows SQL Injection.This issue affects WPLMS: from n/a before 1.9.9.5.3. | |||||
| CVE-2024-56046 | 1 Vibethemes | 1 Wordpress Learning Management System | 2025-12-12 | N/A | 10.0 CRITICAL |
| Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a through 1.9.9. | |||||
| CVE-2024-56043 | 1 Vibethemes | 1 Wordpress Learning Management System | 2025-12-12 | N/A | 9.8 CRITICAL |
| Incorrect Privilege Assignment vulnerability in VibeThemes WPLMS allows Privilege Escalation.This issue affects WPLMS: from n/a through 1.9.9. | |||||
| CVE-2025-58668 | 1 Vibethemes | 1 Wordpress Learning Management System | 2025-12-12 | N/A | 4.3 MEDIUM |
| Missing Authorization vulnerability in VibeThemes WPLMS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WPLMS : from n/a through 4.970. | |||||
| CVE-2025-63035 | 1 Vibethemes | 1 Wordpress Learning Management System | 2025-12-12 | N/A | 6.5 MEDIUM |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VibeThemes WPLMS wplms_plugin allows DOM-Based XSS.This issue affects WPLMS: from n/a through <= 1.9.9.5.4. | |||||