CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-50408 – WordPress Namaste! LMS plugin <= 2.6.3 - PHP Object Injection vulnerability
https://notcve.org/view.php?id=CVE-2024-50408
Deserialization of Untrusted Data vulnerability in Kiboko Labs Namaste! LMS allows Object Injection.This issue affects Namaste! LMS: from n/a through 2.6.3. The Namaste! LMS plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.6.3 via deserialization of untrusted input. • https://patchstack.com/database/vulnerability/namaste-lms/wordpress-namaste-lms-plugin-2-6-3-php-object-injection-vulnerability?_s_id=cve • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-502: Deserialization of Untrusted Data •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-50407 – WordPress Namaste! LMS plugin <= 2.6.2 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-50407
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kiboko Labs Namaste! LMS allows Reflected XSS.This issue affects Namaste! LMS: from n/a through 2.6.2. Vulnerabilidad de neutralización inadecuada de la entrada durante la generación de páginas web (XSS o "Cross-site Scripting") en Kiboko Labs Namaste! LMS permite XSS reflejado. • https://patchstack.com/database/vulnerability/namaste-lms/wordpress-namaste-lms-plugin-2-6-2-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-50409 – WordPress Namaste! LMS plugin <= 2.6.2 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-50409
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kiboko Labs Namaste! LMS allows Stored XSS.This issue affects Namaste! LMS: from n/a through 2.6.2. Vulnerabilidad de neutralización inadecuada de la entrada durante la generación de páginas web (XSS o "Cross-site Scripting") en Kiboko Labs Namaste! LMS permite XSS almacenado. • https://patchstack.com/database/vulnerability/namaste-lms/wordpress-namaste-lms-plugin-2-6-2-cross-site-scripting-xss-vulnerability-2?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-50410 – WordPress Namaste! LMS plugin <= 2.6.4 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-50410
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kiboko Labs Namaste! LMS allows Stored XSS.This issue affects Namaste! LMS: from n/a through 2.6.4. Vulnerabilidad de neutralización inadecuada de la entrada durante la generación de páginas web (XSS o "Cross-site Scripting") en Kiboko Labs Namaste! LMS permite XSS almacenado. • https://patchstack.com/database/vulnerability/namaste-lms/wordpress-namaste-lms-plugin-2-6-4-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43990 – WordPress Masterstudy LMS Starter theme <= 1.1.8 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-43990
Insertion of Sensitive Information into Log File vulnerability in StylemixThemes Masterstudy LMS Starter.This issue affects Masterstudy LMS Starter: from n/a through 1.1.8. The Masterstudy - Education WordPress Theme theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.8. This makes it possible for unauthenticated attackers to extract sensitive user or configuration data. • https://patchstack.com/database/vulnerability/ms-lms-starter-theme/wordpress-masterstudy-lms-starter-theme-1-1-8-sensitive-data-exposure-vulnerability?_s_id=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File •