The LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes plugin for WordPress is vulnerable to arbitrary post deletion due to a missing capability check on the 'llms_delete_cert' action in all
The LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes plugin for WordPress is vulnerable to Unauthenticated Post Trashing due to a missing capability check on the delete_access_plan function
The MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin for WordPress is vulnerable to unauthorized modification and deletion of data due to a missing capability checks on multi
The WPLMS Learning Management System for WordPress, WordPress LMS theme for WordPress is vulnerable to arbitrary file read and deletion due to insufficient file path validation and permissions checks
The LifterLMS WordPress plugin before 8.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against hig
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized modification and deletion of data due to a missing capability check on the 'bulk_action_handler'
The LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes plugin for WordPress is vulnerable to privilege escalation. This is due to the plugin not properly validating a user's identity prior to
The SMS for Lead Capture Forms plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_message() function in all versions up to, and inc
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to modification of data in all versions up to, and including, 4.2.9.2. This is due to missing capability checks on the Admin To
The Creator LMS – The LMS for Creators, Coaches, and Trainers plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability
The Comment Images Reloaded plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the cir_delete_image AJAX action in all versions up to, and including,
The WP Hide & Security Enhancer plugin for WordPress is vulnerable to arbitrary file contents deletion due to a missing authorization and insufficient file path validation in the file-process.php in a
The School Management System – WPSchoolPress plugin for WordPress is vulnerable to arbitrary user deletion due to a missing capability check on the wpsp_DeleteUser() function in all versions up to, an
Missing Authorization vulnerability in etruel WP Delete Post Copies etruel-del-post-copies allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Delete Post Cop
The Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal plugin for WordPress is vulnerable to Arbitrary File Deletion due to a missing capability check on the wpmr_delete_file() functio
The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the wpf_delete_file and wp
The LWS Cleaner plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'lws_cl_delete_file' function in all versions up to, and including, 2.4.1.
The WP Courses LMS – Online Courses Builder, eLearning Courses, Courses Solution, Education Courses plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the w
The Simple WP Events plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the wpe_delete_file AJAX action in all versions up to, and including, 1.8
The WP Human Resource Management plugin for WordPress is vulnerable to Arbitrary User Deletion due to a missing authorization within the ajax_delete_employee() function in versions 2.0.0 through 2.2.1
Page 1+ Next →