Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

trainingbusinesspros — Vulnerabilities & Security Advisories 11

Browse all 11 CVE security advisories affecting trainingbusinesspros. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Trainingbusinesspros provides cybersecurity training and certification programs for professionals. Historically, their systems have been vulnerable to common classes including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. The organization has recorded 11 CVEs, with several critical flaws allowing unauthorized access and system compromise. Notable security characteristics include insufficient input validation and inadequate session management in their web-based training platforms. While no major public incidents have been widely reported, the consistent pattern of vulnerabilities suggests potential risks for organizations relying on their training infrastructure. Their CVE history reflects typical web application security challenges faced by educational technology platforms.

Top products by trainingbusinesspros: Groundhogg — CRM, Newsletters, and Marketing Automation FormLift for Infusionsoft Web Forms
CVE IDTitleCVSSSeverityPublished
CVE-2026-4281 FormLift for Infusionsoft Web Forms <= 7.5.21 - Missing Authorization to Unauthenticated Infusionsoft Connection Hijack via OAuth Connection Flow — FormLift for Infusionsoft Web FormsCWE-862 5.3 Medium2026-03-26
CVE-2025-12750 Groundhogg <= 4.2.6.1 - Authenticated (Admin+) SQL Injection — Groundhogg — CRM, Newsletters, and Marketing AutomationCWE-89 4.9 Medium2025-11-21
CVE-2025-4206 WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg <= 4.1.1.2 - Authenticated (Administrator+) Arbitrary File Deletion — Groundhogg — CRM, Newsletters, and Marketing AutomationCWE-22 7.2 High2025-05-09
CVE-2025-1267 Groundhogg <= 3.7.4.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via label Parameter — Groundhogg — CRM, Newsletters, and Marketing AutomationCWE-79 5.5 Medium2025-04-01
CVE-2025-0394 Groundhogg <= 3.7.3.5 - Authenticated (Author+) Arbitrary File Upload via gh_big_file_upload Function — Groundhogg — CRM, Newsletters, and Marketing AutomationCWE-434 8.8 High2025-01-14
CVE-2023-2717 Groundhogg <= 2.7.9.8 - Cross-Site Request Forgery to Disable All Plugins — Groundhogg — CRM, Newsletters, and Marketing AutomationCWE-352 5.4 Medium2023-05-20
CVE-2023-2736 Groundhogg <= 2.7.9.8 - Cross-Site Request Forgery to Privilege Escalation — Groundhogg — CRM, Newsletters, and Marketing AutomationCWE-352 7.5 High2023-05-20
CVE-2023-2735 Groundhogg <= 2.7.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Groundhogg — CRM, Newsletters, and Marketing AutomationCWE-79 4.9 Medium2023-05-20
CVE-2023-2716 Groundhogg <= 2.7.9.8 - Missing Authorization to Non-Arbitrary File Upload — Groundhogg — CRM, Newsletters, and Marketing AutomationCWE-862 5.4 Medium2023-05-20
CVE-2023-2714 Groundhogg <= 2.7.9.8 - Missing Authorization to Update License — Groundhogg — CRM, Newsletters, and Marketing AutomationCWE-862 4.3 Medium2023-05-20
CVE-2023-2715 Groundhogg <= 2.7.9.8 - Missing Authorization to Admin Account and Ticket Creation — Groundhogg — CRM, Newsletters, and Marketing AutomationCWE-862 4.3 Medium2023-05-20

This page lists every published CVE security advisory associated with trainingbusinesspros. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.