3 matches found
CVE-2024-1128
creationtimestamp| type| source ---|---|--- 2024-03-08 19:56:58+00:00| seen| https://t.me/ctinow/203549...
WordPress Tutor LMS Plugin <= 2.6.0 is vulnerable to Content Injection
Software Tutor LMS Type Plugin Vulnerable versions = 2.6.0 Fixed in 2.6.1 OWASP Top 10 A3: Injection Classification Content Injection CVE CVE-2024-1128 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 4f8a158bf40f Credits drop Required privilege Student Published 21 Februar...
CVE-2024-1128
CVE-2024-1128 affects the WordPress Tutor LMS plugin (versions up to and including 2.6.0). The vulnerability is HTML Injection in the Q&A functionality caused by insufficient sanitization of HTML input, allowing authenticated users with Student-level access and above to inject arbitrary HTML onto...