CVE-2021-24562
- EPSS 0.61%
- Veröffentlicht 23.08.2021 12:15:10
- Zuletzt bearbeitet 21.11.2024 05:53:18
The LMS by LifterLMS – Online Course, Membership & Learning Management System Plugin for WordPress plugin before 4.21.2 was affected by an IDOR issue, allowing students to see other student answers and grades
CVE-2021-24308
- EPSS 0.27%
- Veröffentlicht 24.05.2021 11:15:08
- Zuletzt bearbeitet 21.11.2024 05:52:48
The 'State' field of the Edit profile page of the LMS by LifterLMS – Online Course, Membership & Learning Management System Plugin for WordPress plugin before 4.21.1 is not properly sanitised when output in the About section of the profile page, lead...
CVE-2020-6008
- EPSS 7.55%
- Veröffentlicht 31.03.2020 15:15:22
- Zuletzt bearbeitet 21.11.2024 05:34:58
LifterLMS Wordpress plugin version below 3.37.15 is vulnerable to arbitrary file write leading to remote code execution
CVE-2019-15896
- EPSS 3.72%
- Veröffentlicht 10.09.2019 16:15:12
- Zuletzt bearbeitet 21.11.2024 04:29:41
An issue was discovered in the LifterLMS plugin through 3.34.5 for WordPress. The upload_import function in the class.llms.admin.import.php script is prone to an unauthenticated options import vulnerability that could lead to privilege escalation (ad...