4 matches found
CVE-2023-25700
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.1.10...
CVE-2023-25700
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.1.10...
CVE-2023-25700
The CVE-2023-25700 entry concerns the WordPress Tutor LMS plugin. A SQL Injection vulnerability arises from improper neutralization of special elements in SQL commands within Tutor LMS, affecting versions up to and including 2.1.10. The issue permits unauthenticated attackers to inject SQL throug...
WordPress Tutor LMS Plugin <= 2.1.10 is vulnerable to SQL Injection
Software Tutor LMS Type Plugin Vulnerable versions = 2.1.10 Fixed in 2.2.0 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-25700 Patch priority High CVSS severity High 8.2 Developer Claim ownership PSID a985405069a7 Credits Rafie Muhammad Patchstack Required privilege...