Vibethemes
vibethemes
25 CVEs • 4 products
Products (4)
Click to collapseToggle
Products (4)
Click to collapse
CVEs (25)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Vibethemes 1Wordpress Learning Management System Jan 30, 2026 Dec 9, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VibeThemes WPLMS wplms_plugin allows DOM-Based XSS.This issue affects WPLMS: from n/a through <= 1.9.9.5.4. |
1Vibethemes 1Wordpress Learning Management System Jan 20, 2026 Oct 22, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VibeThemes WPLMS wplms_plugin allows Reflected XSS.This issue affects WPLMS: from n/a through <= 1.9.9.8. |
1Vibethemes 1Wordpress Learning Management System Apr 27, 2026 Oct 22, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Missing Authorization vulnerability in VibeThemes WPLMS wplms_plugin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPLMS: from n/a through <= 1.9.9.7. |
1Vibethemes 1Wordpress Learning Management System Apr 23, 2026 Sep 22, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Missing Authorization vulnerability in VibeThemes WPLMS wplms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPLMS : from n/a through <= 4.970. |
1Vibethemes 1Wordpress Learning Management System Dec 16, 2025 Jul 19, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 The WPLMS theme for WordPress is vulnerable to Privilege Escalation in versions 1.5.2 to 1.8.4.1 via the 'wp_ajax_import_data' AJAX action. This makes it possible for authenticated attackers to change otherwise restricte...Show more |
1Vibethemes 1Wordpress Learning Management System Apr 23, 2026 Dec 31, 2024 N/A· v4 9.3 CRITICAL· v3 N/A· v2 Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS wplms_plugin allows Path Traversal.This issue affects WPLMS: from n/a through < 1.9.9.5. |
1Vibethemes 1Wordpress Learning Management System Apr 23, 2026 Dec 31, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Authentication Bypass Using an Alternate Path or Channel vulnerability in VibeThemes WPLMS wplms_plugin allows Authentication Bypass.This issue affects WPLMS: from n/a through <= 1.9.9. |
1Vibethemes 1Wordpress Learning Management System Apr 23, 2026 Dec 31, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Incorrect Privilege Assignment vulnerability in VibeThemes WPLMS wplms_plugin allows Privilege Escalation.This issue affects WPLMS: from n/a through <= 1.9.9. |
1Vibethemes 1Wordpress Learning Management System Apr 23, 2026 Dec 31, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS wplms_plugin allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a through <= 1.9.9. |
1Vibethemes 1Wordpress Learning Management System Apr 23, 2026 Dec 31, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VibeThemes WPLMS wplms_plugin allows SQL Injection.This issue affects WPLMS: from n/a through < 1.9.9.5.3. |
1Vibethemes 1Wordpress Learning Management System Apr 23, 2026 Dec 18, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS wplms_plugin allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a through < 1.9.9.5.2. |
1Vibethemes 1Wordpress Learning Management System Apr 23, 2026 Dec 18, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS wplms_plugin allows Path Traversal.This issue affects WPLMS: from n/a through < 1.9.9.5.2. |
1Vibethemes 1Wordpress Learning Management System Apr 23, 2026 Dec 18, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS wplms_plugin allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a through < 1.9.9.5.2. |
1Vibethemes 1Wordpress Learning Management System Apr 23, 2026 Dec 18, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VibeThemes WPLMS wplms_plugin allows SQL Injection.This issue affects WPLMS: from n/a through < 1.9.9.5.3. |
1Vibethemes 1Wordpress Learning Management System Apr 23, 2026 Dec 18, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS wplms_plugin allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a through < 1.9.9.5.2. |
1Vibethemes 1Wordpress Learning Management System Apr 23, 2026 Dec 18, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Improper Control of Generation of Code ('Code Injection') vulnerability in VibeThemes WPLMS wplms_plugin allows Code Injection.This issue affects WPLMS: from n/a through < 1.9.9.5. |
1Vibethemes 1Wordpress Learning Management System Apr 23, 2026 Dec 18, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS wplms_plugin allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a through < 1.9.9.5.3. |
1Vibethemes 1Wordpress Learning Management System Apr 23, 2026 Dec 18, 2024 N/A· v4 8.5 HIGH· v3 N/A· v2 Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS wplms_plugin allows Path Traversal.This issue affects WPLMS: from n/a through < 1.9.9.5.2. |
1Vibethemes 1Wordpress Learning Management System Apr 23, 2026 Dec 18, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Missing Authorization vulnerability in VibeThemes WPLMS wplms_plugin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPLMS: from n/a through <= 1.9.9. |
1Vibethemes 1Wordpress Learning Management System Apr 23, 2026 Dec 18, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VibeThemes WPLMS wplms_plugin allows SQL Injection.This issue affects WPLMS: from n/a through < 1.9.9.5.3. |