CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-56057	WordPress WPLMS plugin < 1.9.9.5.2 - Arbitrary File Upload vulnerability Description: Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a before 1.9.9.5.2. CVSS: CRITICAL (9.9) EPSS Score: 0.04% Source: CVE December 19th, 2024 (7 months ago)
CVE-2024-56055	WordPress WPLMS plugin < 1.9.9.5.2 - Arbitrary Directory Deletion vulnerability Description: Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue affects WPLMS: from n/a before 1.9.9.5.2. CVSS: HIGH (8.5) EPSS Score: 0.04% Source: CVE December 19th, 2024 (7 months ago)
CVE-2024-56054	WordPress WPLMS plugin < 1.9.9.5.2 - Instructor+ Arbitrary File Upload vulnerability Description: Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a before 1.9.9.5.2. CVSS: CRITICAL (9.1) EPSS Score: 0.04% Source: CVE December 19th, 2024 (7 months ago)
CVE-2024-56053	WordPress WPLMS plugin < 1.9.9.5.3 - Instructor+ SQL Injection vulnerability Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VibeThemes WPLMS allows SQL Injection.This issue affects WPLMS: from n/a before 1.9.9.5.3. CVSS: HIGH (7.6) EPSS Score: 0.04% Source: CVE December 19th, 2024 (7 months ago)
CVE-2024-56052	WordPress WPLMS plugin < 1.9.9.5.2 - Student+ Arbitrary File Upload vulnerability Description: Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a before 1.9.9.5.2. CVSS: CRITICAL (9.9) EPSS Score: 0.04% Source: CVE December 19th, 2024 (7 months ago)
CVE-2024-56051	WordPress WPLMS plugin < 1.9.9.5 - Student+ Remote Code Execution (RCE) vulnerability Description: Improper Control of Generation of Code ('Code Injection') vulnerability in VibeThemes WPLMS allows Code Injection.This issue affects WPLMS: from n/a before 1.9.9.5. CVSS: HIGH (8.5) EPSS Score: 0.04% Source: CVE December 19th, 2024 (7 months ago)
CVE-2024-56050	WordPress WPLMS plugin < 1.9.9.5.3 - Subscriber+ Arbitrary File Upload vulnerability Description: Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a before 1.9.9.5.3. CVSS: CRITICAL (9.9) EPSS Score: 0.04% Source: CVE December 19th, 2024 (7 months ago)
CVE-2024-56049	WordPress WPLMS plugin < 1.9.9.5.2 - Subscriber+ Arbitrary File Deletion vulnerability Description: Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue affects WPLMS: from n/a before 1.9.9.5.2. CVSS: HIGH (8.5) EPSS Score: 0.04% Source: CVE December 19th, 2024 (7 months ago)
CVE-2024-56048	WordPress WPLMS plugin <= 1.9.9 - Arbitrary Option Update to Privilege Escalation vulnerability Description: Missing Authorization vulnerability in VibeThemes WPLMS allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPLMS: from n/a through 1.9.9. CVSS: HIGH (8.8) EPSS Score: 0.04% Source: CVE December 19th, 2024 (7 months ago)
CVE-2024-56047	WordPress WPLMS plugin < 1.9.9.5.3 - Subscriber+ SQL Injection vulnerability Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VibeThemes WPLMS allows SQL Injection.This issue affects WPLMS: from n/a before 1.9.9.5.3. CVSS: HIGH (8.5) EPSS Score: 0.04% Source: CVE December 19th, 2024 (7 months ago)