cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches foruncanny-learndash-toolkit uncanny-learndash-toolkit

Direction: descending
Apr 14, 2025

Uncanny Toolkit for LearnDash # CVE-2025-22268

CVE, Research URL

CVE-2025-22268

Home page URL

Security reports for Uncanny Toolkit for LearnDash

Application

Uncanny Toolkit for LearnDash

Date
-
Research Description
Uncanny Toolkit for LearnDash [uncanny-learndash-toolkit] < 3.7.0.2 CVE-2025-22268
Affected versions
Min -, max -.
Status
vulnerable
Jun 10, 2024

Uncanny Toolkit for LearnDash # CVE-2023-34019

CVE, Research URL

CVE-2023-34019

Home page URL

Security reports for Uncanny Toolkit for LearnDash

Application

Uncanny Toolkit for LearnDash

Date
Dec 13, 2024
Research Description
Missing Authorization vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Uncanny Toolkit for LearnDash: from n/a through 3.6.4.3.
Affected versions
Min -, max -.
Status
vulnerable
Jun 06, 2024

Uncanny Toolkit for LearnDash # CVE-2023-34020

CVE, Research URL

CVE-2023-34020

Home page URL

Security reports for Uncanny Toolkit for LearnDash

Application

Uncanny Toolkit for LearnDash

Date
Mar 27, 2024
Research Description
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash.This issue affects Uncanny Toolkit for LearnDash: from n/a through 3.6.4.3.
Affected versions
Min -, max -.
Status
vulnerable

Uncanny Toolkit for LearnDash # a71a0bec03a978f9d8c20118b6bcf0711f2cdf69

CVE, Research URL

a71a0bec03a978f9d8c20118b6bcf0711f2cdf69

Home page URL

Security reports for Uncanny Toolkit for LearnDash

Application

Uncanny Toolkit for LearnDash

Date
Nov 26, 2022
Research Description
Uncanny Toolkit for LearnDash [uncanny-learndash-toolkit] < 3.6.4 Uncanny Toolkit for LearnDash <= 3.6.3 - Cross-Site Request Forgery The Uncanny Toolkit for LearnDash plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.6.3. This is due to missing nonce validation on several functions such as the ajax_activate_deactivate_module function. This makes it possible for unauthenticated attackers to change plugin settings, via forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Affected versions
Min -, max -.
Status
vulnerable

Uncanny Toolkit for LearnDash # CVE-2023-23714

CVE, Research URL

CVE-2023-23714

Home page URL

Security reports for Uncanny Toolkit for LearnDash

Application

Uncanny Toolkit for LearnDash

Date
May 26, 2023
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash plugin <= 3.6.4.1 versions.
Affected versions
Min -, max -.
Status
vulnerable