Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Tutor_lms
(Themeum)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 25 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2021-10-18 | CVE-2021-24740 | The Tutor LMS WordPress plugin before 1.9.9 does not escape some of its settings before outputting them in attributes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | Tutor_lms | 4.8 | ||
2021-04-05 | CVE-2021-24186 | The tutor_answering_quiz_question/get_answer_by_id function pair from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that could be exploited by students. | Tutor_lms | 6.5 | ||
2021-04-05 | CVE-2021-24185 | The tutor_place_rating AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.7.7 was vulnerable to blind and time based SQL injections that could be exploited by students. | Tutor_lms | 6.5 | ||
2021-04-05 | CVE-2021-24183 | The tutor_quiz_builder_get_question_form AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that could be exploited by students. | Tutor_lms | 6.5 | ||
2021-04-05 | CVE-2021-24182 | The tutor_quiz_builder_get_answers_by_question AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that could be exploited by students. | Tutor_lms | 6.5 |