946 matches found
CVE-2021-24185
The tutorplacerating AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.7.7 was vulnerable to blind and time based SQL injections that could be exploited by students...
CVE-2021-24184
Several AJAX endpoints in the Tutor LMS – eLearning and online course solution WordPress plugin before 1.7.7 were unprotected, allowing students to modify course information and elevate their privileges among many other actions...
CVE-2021-24182
The tutorquizbuildergetanswersbyquestion AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that could be exploited by students...
CVE-2021-24186
The tutoransweringquizquestion/getanswerbyid function pair from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that could be exploited by students...
CVE-2020-8615
A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker approving themselves as an instructor and performing other malicious actions such as blocking legitimate instructors...
CVE-2025-32230
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Themeum Tutor LMS tutor.This issue affects Tutor LMS: from n/a through = 3.4.0...
CVE-2025-32230
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Themeum Tutor LMS tutor.This issue affects Tutor LMS: from n/a through = 3.4.0...
CVE-2025-32230 WordPress Tutor LMS plugin <= 3.4.0 - HTML Injection vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Themeum Tutor LMS. This issue affects Tutor LMS: from n/a through 3.4.0...
CVE-2025-32230
CVE-2025-32230 is a Tutor LMS HTML Injection (Basic XSS) vulnerability. The Wordfence vulnerability entry confirms it affects Tutor LMS versions up to 3.4.0 and notes the issue stems from improper neutralization of script-related HTML tags, enabling potential HTML injection. The vulnerability is ...
CVE-2025-32230 WordPress Tutor LMS plugin <= 3.4.0 - HTML Injection vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Themeum Tutor LMS tutor.This issue affects Tutor LMS: from n/a through = 3.4.0...
PT-2025-15953 · Tutor Lms · Tutor Lms
Name of the Vulnerable Software and Affected Versions: Tutor LMS versions n/d through 3.4.0 Description: The issue is related to an improper neutralization of script-related HTML tags in a web page, which can lead to a basic Cross-Site Scripting XSS attack. This allows an attacker to inject...
WordPress plugin Tutor LMS 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress Tutor LMS plugin <= 3.4.0 - HTML Injection vulnerability
HTML Injection vulnerability discovered by Revan Arifio in WordPress Plugin Tutor LMS versions = 3.4.0...
CVE-2025-3119
A vulnerability was found in SourceCodester Online Tutor Portal 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /tutor/courses/managecourse.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit...
CVE-2025-3118
A vulnerability was found in SourceCodester Online Tutor Portal 1.0. It has been classified as critical. This affects an unknown part of the file /tutor/courses/viewcourse.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit...
CVE-2025-3119
A vulnerability was found in SourceCodester Online Tutor Portal 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /tutor/courses/managecourse.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit...
CVE-2025-3119 SourceCodester Online Tutor Portal manage_course.php sql injection
A vulnerability was found in SourceCodester Online Tutor Portal 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /tutor/courses/managecourse.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit...
CVE-2025-3119 SourceCodester Online Tutor Portal manage_course.php sql injection
A vulnerability was found in SourceCodester Online Tutor Portal 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /tutor/courses/managecourse.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit...
CVE-2025-3119
CVE-2025-3119 affects SourceCodester Online Tutor Portal 1.0. The vulnerability is in the file /tutor/courses/manage_course.php where manipulating the parameter ID leads to a SQL injection . It is exploitable remotely and, per the primary sources, the exploit has been disclosed publicly. The vuln...
CVE-2025-3118
A vulnerability was found in SourceCodester Online Tutor Portal 1.0. It has been classified as critical. This affects an unknown part of the file /tutor/courses/viewcourse.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit...