Product
learndash
11 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2024-56940
CVE-2024-56939
CVE-2024-56938
CVE-2024-1210
CVE-2024-1209
CVE-2024-1208
CVE-2023-28777
CVE-2023-3105
CVE-2018-25019
CVE-2020-6009
CVE-2020-7108
all versions
An issue in the profile image upload function of LearnDash v6.7.1 allows attackers to cause a Denial of Service (DoS) via excessiv
all versions
LearnDash v6.7.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the ld-comment-body class.
all versions
LearnDash v6.7.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the materials-content class.
< 4.10.2
The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.
< 4.10.3
The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.
< 4.10.3
The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.
<= 4.5.3
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LearnDash LMS allo
<= 4.6.0
The LearnDash LMS plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 4.6.0.
<= 2.5.4
The LearnDash LMS WordPress plugin before 2.5.4 does not have any authorisation and validation of the file to be uploaded in the l
< 3.1.6
LearnDash Wordpress plugin version below 3.1.6 is vulnerable to Unauthenticated SQL Injection.
>= 3.0 and < 3.1.2
The LearnDash LMS plugin before 3.1.2 for WordPress allows XSS via the ld-profile search field.