Shodan
Vulnerabilities
Vulnerable Software
Vibethemes:  >> Wordpress Learning Management System  >> 1.9.9.5  Security Vulnerabilities
CVE-2025-63035
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VibeThemes WPLMS wplms_plugin allows DOM-Based XSS.This issue affects WPLMS: from n/a through <= 1.9.9.5.4.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-12-09
CVE-2025-53420
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VibeThemes WPLMS wplms_plugin allows Reflected XSS.This issue affects WPLMS: from n/a through <= 1.9.9.8.
CVSS Score
7.1
EPSS Score
0.0
Published
2025-10-22
CVE-2025-49925
Missing Authorization vulnerability in VibeThemes WPLMS wplms_plugin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPLMS: from n/a through <= 1.9.9.7.
CVSS Score
7.3
EPSS Score
0.001
Published
2025-10-22
CVE-2025-58668
Missing Authorization vulnerability in VibeThemes WPLMS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WPLMS : from n/a through 4.970.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-09-22
CVE-2024-56042
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VibeThemes WPLMS allows SQL Injection.This issue affects WPLMS: from n/a before 1.9.9.5.3.
CVSS Score
9.3
EPSS Score
0.001
Published
2024-12-31
CVE-2024-56053
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VibeThemes WPLMS allows SQL Injection.This issue affects WPLMS: from n/a before 1.9.9.5.3.
CVSS Score
7.6
EPSS Score
0.002
Published
2024-12-18
CVE-2024-56054
Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a before 1.9.9.5.2.
CVSS Score
9.1
EPSS Score
0.004
Published
2024-12-18
CVE-2024-56055
Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue affects WPLMS: from n/a before 1.9.9.5.2.
CVSS Score
8.5
EPSS Score
0.007
Published
2024-12-18
CVE-2024-56057
Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a before 1.9.9.5.2.
CVSS Score
9.9
EPSS Score
0.009
Published
2024-12-18
CVE-2024-56047
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VibeThemes WPLMS allows SQL Injection.This issue affects WPLMS: from n/a before 1.9.9.5.3.
CVSS Score
8.5
EPSS Score
0.001
Published
2024-12-18


Products
Pricing
Contact Us

Shodan ® - All rights reserved