Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Lenxel Core 1.1

  • Severity: high-risk
  • Status: Open
  • Publication: November 29, 2024

The Lenxel Core plugin for WordPress has a security issue in versions 1.1 and below. This means that someone who has logged in and has at least contributor-level access can include and run any file they want on the server. This can be used to get around security measures, get private information, or run code even if the file type is supposed to be safe.

Detected in:

Lenxel Core – The Ultimate WordPress LMS Plugin: Create Engaging AI Course Modules and AI Course Lessons Automatically fixed vulnerable versions:
Lenxel Core AI LMS – The Ultimate WordPress LMS Plugin: Create Engaging AI Course Modules and AI Course Lessons Automatically fixed vulnerable versions:
Lenxel Core for Lenxel(LNX) LMS open vulnerable versions: >= * <= 1.2.5

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.