cbcvebase.

Uncanny Owl Uncanny Toolkit For Learndash vulnerabilities

6 known vulnerabilities affecting uncanny_owl/uncanny_toolkit_for_learndash.

Total CVEs
6
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM5

Vulnerabilities

Page 1 of 1
CVE-2023-34020P3MEDIUMCVSS 6.1PoC≥ n/a, ≤ 3.6.4.32024-03-27
CVE-2023-34020 [MEDIUM] CWE-601 CVE-2023-34020: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Uncanny Owl Uncanny Toolkit for URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash.This issue affects Uncanny Toolkit for LearnDash: from n/a through 3.6.4.3.
nvd
CVE-2023-23714P4HIGHCVSS 8.8≥ n/a, ≤ 3.6.4.12023-05-26
CVE-2023-23714 [HIGH] CWE-352 CVE-2023-23714: Cross-Site Request Forgery (CSRF) vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash plugin Cross-Site Request Forgery (CSRF) vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash plugin <= 3.6.4.1 versions.
nvd
CVE-2023-34019P4MEDIUMCVSS 6.5≥ n/a, ≤ 3.6.4.32024-12-13
CVE-2023-34019 [MEDIUM] CWE-862 CVE-2023-34019: Missing Authorization vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash allows Exploiting I Missing Authorization vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Uncanny Toolkit for LearnDash: from n/a through 3.6.4.3.
nvd
CVE-2025-57988P4MEDIUMCVSS 6.5≤ 3.7.0.32025-09-22
CVE-2025-57988 [MEDIUM] CWE-79 CVE-2025-57988: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash uncanny-learndash-toolkit allows Stored XSS.This issue affects Uncanny Toolkit for LearnDash: from n/a through <= 3.7.0.3.
nvd
CVE-2025-22268P4MEDIUMCVSS 6.5≤ 3.7.0.12025-04-15
CVE-2025-22268 [MEDIUM] CWE-79 CVE-2025-22268: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash uncanny-learndash-toolkit allows Stored XSS.This issue affects Uncanny Toolkit for LearnDash: from n/a through <= 3.7.0.1.
nvd
CVE-2025-48080P4MEDIUMCVSS 6.5≤ 3.7.0.22025-05-16
CVE-2025-48080 [MEDIUM] CWE-79 CVE-2025-48080: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash uncanny-learndash-toolkit allows Stored XSS.This issue affects Uncanny Toolkit for LearnDash: from n/a through <= 3.7.0.2.
nvd
Uncanny Owl Uncanny Toolkit For Learndash vulnerabilities | cvebase