944 matches found
WordPress plugin Tutor LMS Elementor Addons 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
PT-2025-50045
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themeum Tutor LMS Elementor Addons tutor-lms-elementor-addons allows Stored XSS.This issue affects Tutor LMS Elementor Addons: from n/a through = 3.0.1...
CVE-2025-65681
An issue was discovered in Overhang.IO tutor-open-edx overhangio/tutor 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks...
WordPress Tutor LMS Elementor Addons plugin <= 3.0.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Mdr in WordPress Plugin Tutor LMS Elementor Addons versions = 3.0.1...
tutor-android (>=17.0.0 <=19.0.0), tutor-cairn (>=17.0.0 <=19.0.4) +39 more potentially affected by CVE-2025-65681 via tutor (>=12.2.0 <=19.0.5)
tutor PYPI version =12.2.0, =17.0.0, =17.0.0, =14.0.0, =18.3.0, =18.0.0, =14.0.0rc3, =18.2.8, =14.0.0, =19.0.0, =15.0.0, =18.0.0, =0.1.0, =19.0.0, =19.0.1 and more Source cves: CVE-2025-65681 Source advisory: OSV:GHSA-GQ25-78JF-V78C...
GHSA-GQ25-78JF-V78C Overhang Tutor Discloses Sensitive Information due to Improper Cache-Control
An issue was discovered in Overhang.IO tutor-open-edx overhangio/tutor 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks...
Overhang Tutor Discloses Sensitive Information due to Improper Cache-Control
An issue was discovered in Overhang.IO tutor-open-edx overhangio/tutor 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks...
Use of Cache Containing Sensitive Information
Overview tutor is a The Docker-based Open edX distribution designed for peace of mind Affected versions of this package are vulnerable to Use of Cache Containing Sensitive Information due to the absence of proper cache-control HTTP headers and insufficient client-side session validation. An...
tutor-android (>=17.0.0 <=21.0.0), tutor-cairn (>=17.0.0 <=21.0.0) +49 more potentially affected by CVE-2025-65681 via tutor (>=12.2.0 <=21.0.7)
tutor PYPI version =12.2.0, =17.0.0, =17.0.0, =0.1.1, =0.2.0, =14.0.0, =18.3.0, =18.0.0, =14.0.0rc3, =18.2.8, =14.0.0, =19.0.0, =14.0.0, =18.0.3 and more Source cves: CVE-2025-65681 Source advisory: SNYK:PYTHON-TUTOR-14135978...
PYSEC-2025-219
An issue was discovered in Overhang.IO tutor-open-edx overhangio/tutor 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks...
tutor-android (>=17.0.0 <=19.0.0), tutor-cairn (>=17.0.0 <=19.0.4) +39 more potentially affected by CVE-2025-65681 via tutor (>=12.2.0 <=19.0.5)
tutor PYPI version =12.2.0, =17.0.0, =17.0.0, =14.0.0, =18.3.0, =18.0.0, =14.0.0rc3, =18.2.8, =14.0.0, =19.0.0, =15.0.0, =18.0.0, =0.1.0, =19.0.0, =19.0.1 and more Source cves: CVE-2025-65681 Source advisory: OSV:PYSEC-2025-219...
PYSEC-2025-219
An issue was discovered in Overhang.IO tutor-open-edx overhangio/tutor 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks...
CVE-2025-65681
An issue was discovered in Overhang.IO tutor-open-edx overhangio/tutor 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks...
CVE-2025-65681
An issue was discovered in Overhang.IO tutor-open-edx overhangio/tutor 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks...
PT-2025-48178
Name of the Vulnerable Software and Affected Versions Overhang.IO tutor-open-edx version 20.0.2 Description A security issue exists in Overhang.IO tutor-open-edx version 20.0.2 that could allow local unauthorized attackers to access sensitive information. This is due to missing cache-control HTTP...
CVE-2025-65681
An issue was discovered in Overhang.IO tutor-open-edx overhangio/tutor 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks...
CVE-2025-65681
An issue was discovered in Overhang.IO tutor-open-edx overhangio/tutor 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks...
CVE-2025-12868 CyberTutor|New Site Server - Use of Client-Side Authentication
New Site Server developed by CyberTutor has a Use of Client-Side Authentication vulnerability, allowing unauthenticated remote attackers to modify the frontend code to gain administrator privileges on the website...
EUVD-2025-41750
New Site Server developed by CyberTutor has a Use of Client-Side Authentication vulnerability, allowing unauthenticated remote attackers to modify the frontend code to gain administrator privileges on the website...
CVE-2025-6680
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.8.3. This makes it possible for authenticated attackers, with tutor-level access and above, to view assignments for courses they don't...