WordPress Tutor LMS Plugin <= 2.7.0 is vulnerable to Broken Access Control

Software Tutor LMS Type Plugin Vulnerable versions = 2.7.0 Fixed in 2.7.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-4223 Patch priority High CVSS severity High 8.6 Developer Claim ownership PSID 86348e33f1ae Credits villu164 Required privilege...

WordPress Nextend Facebook Connect Plugin <= 3.1.12 is vulnerable to Cross Site Scripting (XSS)

Software Nextend Facebook Connect Type Plugin Vulnerable versions = 3.1.12 Fixed in 3.1.13 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1775 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6fbf027206e8 Credits Tobias...