CVE-2026-3110

Insecure Direct Object Reference IDOR vulnerability in Campus Educativa specifically at the endpoint '/administracion/adminusuarios.cgi?filtroestado=T&wAccion=listadoxlsx&wBuscar=&wFiltrar=&wOrden=altausuario&widcursoActual=ID' where the data of users enrolled in the course is exported. Successfu...

EUVD-2024-17523

Malicious code in bioql PyPI...

CVE-2024-1798

The Tutor LMS – Migration Tool plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the tutorlpexportxml function in all versions up to, and including, 2.2.0. This makes it possible for unauthenticated attackers to export courses, including privat...

CVE-2024-1798

CVE-2024-1798 affects the WordPress plugin “Tutor LMS – Migration Tool” and concerns unauthenticated data export due to a missing capability check in tutor_lp_export_xml. Affected versions are up to and including 2.2.0. Public sources indicate this could allow unauthenticated attackers to export ...

PT-2024-18316 · WordPress · The Tutor Lms – Migration Tool

Name of the Vulnerable Software and Affected Versions: The Tutor LMS – Migration Tool plugin for WordPress versions up to, and including, 2.2.0 Description: The issue allows unauthorized access to data due to a missing capability check on the tutor lp export xml function. This makes it possible f...