CVE-2024-53809
- EPSS 0.14%
- Veröffentlicht 06.12.2024 14:15:23
- Zuletzt bearbeitet 15.04.2026 00:35:42
Cross-Site Request Forgery (CSRF) vulnerability in Bob Namaste! LMS namaste-lms allows Cross Site Request Forgery.This issue affects Namaste! LMS: from n/a through <= 2.6.4.1.
CVE-2023-24383
- EPSS 0.3%
- Veröffentlicht 06.04.2023 11:15:06
- Zuletzt bearbeitet 21.11.2024 07:47:45
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Namaste! LMS plugin <= 2.5.9.1 versions.
CVE-2023-0844
- EPSS 0.33%
- Veröffentlicht 13.03.2023 17:15:12
- Zuletzt bearbeitet 27.02.2025 16:15:35
The Namaste! LMS WordPress plugin before 2.6 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed...
CVE-2023-0548
- EPSS 0.29%
- Veröffentlicht 27.02.2023 16:15:12
- Zuletzt bearbeitet 10.03.2025 18:15:26
The Namaste! LMS WordPress plugin before 2.5.9.4 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disall...