Lucene search
CVE-2024-4318
The Tutor LMS plugin for WordPress has time-based SQL Injection vulnerability in versions up to 2.7.0, allowing authenticated attackers to append additional SQL queries to extract sensitive information from the database
Show more
| Reporter | Title | Published | Views | Family All 6 |
|---|---|---|---|---|
 | Tutor LMS < 2.7.1 - Authenticated (Instructor+) SQL Injection | 15 May 202400:00 | – | wpvulndb |
 | CVE-2024-4318 Tutor LMS <= 2.7.0 - Authenticated (Instructor+) SQL Injection | 16 May 202405:33 | – | cvelist |
 | CVE-2024-4318 | 16 May 202406:15 | – | nvd |
 | WordPress Tutor LMS Plugin <= 2.7.0 is vulnerable to SQL Injection | 16 May 202400:00 | – | patchstack |
 | CVE-2024-4318 Tutor LMS <= 2.7.0 - Authenticated (Instructor+) SQL Injection | 16 May 202405:33 | – | vulnrichment |
 | Wordfence Intelligence Weekly WordPress Vulnerability Report (May 13, 2024 to May 19, 2024) | 23 May 202415:00 | – | wordfence |
[
{
"vendor": "themeum",
"product": "Tutor LMS – eLearning and online course solution",
"versions": [
{
"version": "*",
"status": "affected",
"lessThanOrEqual": "2.7.0",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
}
]Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo16 May 2024 06:15Current
7.1High risk
Vulners AI Score7.1
CVSS36.5 - 8.8
EPSS0.00384
SSVC