Edwiser Bridge – WordPress Moodle Integration

Wordfence Intelligence > Vulnerability Database > WordPress Plugins > Edwiser Bridge – WordPress Moodle Integration

Information

Software Type	Plugin
Software Slug	edwiser-bridge (view on wordpress.org)
Software Status	Active
Software Author	wisdmlabs
Software Website	edwiser.org
Software Downloads	206,442
Software Active Installs	4,000
Software Record Last Updated	June 18, 2026

7 Vulnerabilities

Submit a Vulnerability

Edwiser Bridge <= 4.3.2 - Missing Authorization

4.3

CVE-2026-24570

Jan 21, 2026

Researcher: Nabil Irawan

Edwiser Bridge – WordPress Moodle LMS Integration <= 3.0.8 - Reflected Cross-Site Scripting

6.1

CVE-2025-24593

Dec 25, 2024

Researcher: Le Ngoc Anh

Edwiser Bridge <= 3.0.7 - Authenticated (Subscriber+) Server-Side Request Forgery

6.4

CVE-2024-49312

Oct 15, 2024

Researcher: Muhammad Daffa

Edwiser Bridge <= 3.0.7 - Authenticated (Subscriber+) Stored Cross-Site Scripting

6.4

CVE-2024-49311

Oct 15, 2024

Researcher: Muhammad Daffa

Edwiser Bridge <= 3.0.5 - Authentication Bypass due to Missing Empty Value Check

9.8

CVE-2024-4186

May 6, 2024

Researcher: István Márton

Edwiser Bridge <= 3.0.2 - Authenticated (Administrator+) SQL Injection

9.1

CVE-2024-31260

Apr 5, 2024

Researcher: Muhammad Daffa

Edwiser Bridge <= 2.0.6 - Cross-Site Request Forgery Bypass

4.3

CVE-2021-4399

Jun 28, 2021

Researcher: Jerome Bruandet

Title	Status	CVE ID	CVSS	Researchers	Date
Edwiser Bridge <= 4.3.2 - Missing Authorization	Patched	CVE-2026-24570	4.3	Nabil Irawan	January 21, 2026
Edwiser Bridge – WordPress Moodle LMS Integration <= 3.0.8 - Reflected Cross-Site Scripting	Patched	CVE-2025-24593	6.1	Le Ngoc Anh	December 25, 2024
Edwiser Bridge <= 3.0.7 - Authenticated (Subscriber+) Server-Side Request Forgery	Patched	CVE-2024-49312	6.4	Muhammad Daffa	October 15, 2024
Edwiser Bridge <= 3.0.7 - Authenticated (Subscriber+) Stored Cross-Site Scripting	Patched	CVE-2024-49311	6.4	Muhammad Daffa	October 15, 2024
Edwiser Bridge <= 3.0.5 - Authentication Bypass due to Missing Empty Value Check	Patched	CVE-2024-4186	9.8	István Márton	May 6, 2024
Edwiser Bridge <= 3.0.2 - Authenticated (Administrator+) SQL Injection	Patched	CVE-2024-31260	9.1	Muhammad Daffa	April 5, 2024
Edwiser Bridge <= 2.0.6 - Cross-Site Request Forgery Bypass	Patched	CVE-2021-4399	4.3	Jerome Bruandet	June 28, 2021

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation