Known Vulnerabilities for products from Vibethemes
Listed below are 19 of the newest known vulnerabilities associated with the vendor "Vibethemes".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2025-58668 json | Missing Authorization vulnerability in VibeThemes WPLMS wplms allows Exploiting Incorrectly Configured Access Control Securi... | Not Provided | 2025-09-22 | 2026-04-01 |
| CVE-2025-32493 json | Not Provided | 2025-04-09 | 2026-04-01 | |
| CVE-2024-56057 json | Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS wplms_plugin allows Upload a Web Shell to a... | Not Provided | 2024-12-18 | 2026-04-01 |
| CVE-2024-56055 json | Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS wplms_plugin allows Path Traversal.This issue affects WPLMS: fr... | Not Provided | 2024-12-18 | 2026-04-01 |
| CVE-2024-56054 json | Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS wplms_plugin allows Upload a Web Shell to a... | Not Provided | 2024-12-18 | 2026-04-01 |
| CVE-2024-56053 json | Not Provided | 2024-12-18 | 2026-04-01 | |
| CVE-2024-56052 json | Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS wplms_plugin allows Upload a Web Shell to a... | Not Provided | 2024-12-18 | 2026-04-01 |
| CVE-2024-56051 json | Improper Control of Generation of Code ('Code Injection') vulnerability in VibeThemes WPLMS wplms_plugin allows Code Injectio... | Not Provided | 2024-12-18 | 2026-04-01 |
| CVE-2024-56050 json | Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS wplms_plugin allows Upload a Web Shell to a... | Not Provided | 2024-12-18 | 2026-04-01 |
| CVE-2024-56049 json | Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS wplms_plugin allows Path Traversal.This issue affects WPLMS: fr... | Not Provided | 2024-12-18 | 2026-04-01 |
| CVE-2024-56048 json | Missing Authorization vulnerability in VibeThemes WPLMS wplms_plugin allows Accessing Functionality Not Properly Constrained ... | Not Provided | 2024-12-18 | 2026-04-01 |
| CVE-2024-56047 json | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VibeThemes WPLMS wplms_... | Not Provided | 2024-12-18 | 2026-04-01 |
| CVE-2024-56046 json | Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS wplms_plugin allows Upload a Web Shell to a... | Not Provided | 2024-12-31 | 2026-04-01 |
| CVE-2024-56045 json | Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS wplms_plugin allows Path Traversal.This issue affects WPLMS: fr... | Not Provided | 2024-12-31 | 2026-04-01 |
| CVE-2024-56044 json | Authentication Bypass Using an Alternate Path or Channel vulnerability in VibeThemes WPLMS wplms_plugin allows Authentication... | Not Provided | 2024-12-31 | 2026-04-01 |
| CVE-2024-56043 json | Incorrect Privilege Assignment vulnerability in VibeThemes WPLMS wplms_plugin allows Privilege Escalation.This issue affects ... | Not Provided | 2024-12-31 | 2026-04-01 |
| CVE-2024-56042 json | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VibeThemes WPLMS wplms_... | Not Provided | 2024-12-31 | 2026-04-01 |
| CVE-2023-36690 json | Cross-Site Request Forgery (CSRF) vulnerability in VibeThemes WPLMS theme <= 4.900 versions. | 8.8 - HIGH | 2023-07-11 | 2023-07-18 |
| CVE-2023-22672 json | Cross-Site Request Forgery (CSRF) vulnerability in Mr.Vibe vSlider Multi Image Slider for WordPress plugin <= 4.1.2 versions... | 8.8 - HIGH | 2023-07-17 | 2023-07-26 |
| CVE-2023-2704 json | The BP Social Connect plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.5. This... | Not Provided | 2023-05-19 | 2026-04-08 |