GCVE - cpe:2.3:a:thimpress:course_builder:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:thimpress:course_builder:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Thimpress (`3359de0e-d602-5f4a-8b30-12c81ab7a63c`)
Product	Course Builder (`04223492-5d42-58be-8d09-d388f7ce09f8`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-48336`	vulnerable	2026-06-03 15:01:34.466929	WordPress Course Builder < 3.6.6 - PHP Object Injection Vulnerability CRITICAL (9.8) Deserialization of Untrusted Data vulnerability in ThimPress Course Builder course-builder allows Object Injection.This issue affects Course Builder: from n/a through < 3.6.6. Published: 2025-05-29T18:54:34.068Z Updated: 2026-04-28T16:12:56.717Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Theme/course-builder/vulnerability/wordpress-course-builder-3-6-6-php-object-injection-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.