Browse all 6 CVE security advisories affecting LearningTimes. AI-powered Chinese analysis, POCs, and references for each vulnerability.
LearningTimes develops educational platforms and learning management systems used by academic institutions. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and access controls. While no major public security incidents have been widely reported, the six CVEs on record indicate consistent security challenges, particularly in web application components. Their systems typically handle sensitive educational data, making proper vulnerability remediation critical. The company's security posture appears reactive rather than proactive, with vulnerabilities discovered and disclosed through external research rather than internal testing programs.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-47647 | WordPress BadgeOS plugin <= 3.7.1.6 - Broken Access Control vulnerability — BadgeOSCWE-862 | 4.3 | Medium | 2025-01-02 |
| CVE-2023-2173 | BadgeOS <= 3.7.1.6 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Post Deletion — BadgeOSCWE-639 | 6.5 | Medium | 2023-08-31 |
| CVE-2023-2171 | BadgeOS <= 3.7.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — BadgeOSCWE-79 | 5.4 | Medium | 2023-08-31 |
| CVE-2023-2174 | BadgeOS <= 3.7.1.6 - Missing Authorization in delete_badgeos_log_entries — BadgeOSCWE-862 | 4.3 | Medium | 2023-08-31 |
| CVE-2023-2172 | BadgeOS <= 3.7.1.6 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Post Title Overwrite — BadgeOSCWE-639 | 4.3 | Medium | 2023-08-31 |
| CVE-2022-41987 | WordPress BadgeOS Plugin <= 3.7.1.6 is vulnerable to Cross Site Request Forgery (CSRF) — BadgeOSCWE-352 | 6.3 | Medium | 2023-05-25 |
This page lists every published CVE security advisory associated with LearningTimes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.