Calgary, Alberta, Canada
sales@hackhalt.com
Free Download Free Download Free Download
Explore Pricing Explore Pricing Explore Pricing

Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total4
Critical0
High0
Medium4
Reset
Showing 1-4 of 4 records
Threat Entry Updated 2026-06-17

CVE-2026-7566 - Migration Tool Plugin

The LearnPress – Backup & Migration Tool plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.1.4 via deserialization of untrusted input . This makes it possible for authenticated attackers, with administrator-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme…

PLUGIN Migration Tool

CVE-2026-7566

MEDIUM CVSS 6.6 2026-06-06
Open Full Technical Breakdown
Threat Entry Updated 2026-06-17

CVE-2026-7565 - Migration Tool Plugin

The LearnPress – Backup & Migration Tool plugin for WordPress is vulnerable to Arbitrary File Read via Directory Traversal in all versions up to, and including, 4.1.4 via the 'import-user-file' parameter parameter. This makes it possible for authenticated attackers, with administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.

PLUGIN Migration Tool

CVE-2026-7565

MEDIUM CVSS 4.9 2026-06-06
Open Full Technical Breakdown
Threat Entry Updated 2024-11-21

CVE-2024-1804 - Migration Tool Plugin

The Tutor LMS – Migration Tool plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tutor_import_from_xml function in all versions up to, and including, 2.2.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to import courses.

PLUGIN Migration Tool

CVE-2024-1804

MEDIUM CVSS 4.3 2024-07-27
Open Full Technical Breakdown
Threat Entry Updated 2024-11-21

CVE-2024-1798 - Migration Tool Plugin

The Tutor LMS – Migration Tool plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the tutor_lp_export_xml function in all versions up to, and including, 2.2.0. This makes it possible for unauthenticated attackers to export courses, including private and password protected courses.

PLUGIN Migration Tool

CVE-2024-1798

MEDIUM CVSS 5.3 2024-07-27
Open Full Technical Breakdown
Scroll to top