Lucene search
K

185 matches found

CVE
CVE
added 2024/08/29 3:19 p.m.65 views

CVE-2024-43955

CVE-2024-43955: Droip (WordPress plugin)

10CVSS5.2AI score0.00604EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/08/29 3:18 p.m.56 views

CVE-2024-43954

CVE-2024-43954 corresponds to a Themeum Droip vulnerability in WordPress. Connected sources show an ACL/authorization bypass for Droip allowing access to constrained functionality, affecting Droip versions up to 1.1.1. The Wordfence data explicitly references an Unauthenticated Arbitrary File Del...

6.3CVSS5.8AI score0.00284EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/08/29 12:0 a.m.5 views

PT-2024-30816 · Themeum · Themeum Droip

Name of the Vulnerable Software and Affected Versions: Themeum Droip versions 1.1.1 and earlier Description: The issue is related to an Incorrect Authorization vulnerability, allowing users to access functionality not properly constrained by Access Control Lists ACLs. This means that certain...

6.3CVSS6.5AI score0.00284EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/08/29 12:0 a.m.8 views

PT-2024-30817 · Themeum · Themeum Droip

Name of the Vulnerable Software and Affected Versions: Themeum Droip versions 1.1.1 and earlier Description: The issue affects Themeum Droip, allowing file manipulation due to improper limitation of a pathname to a restricted directory. This is a Path Traversal vulnerability, enabling unauthorize...

10CVSS6.6AI score0.00604EPSS
Exploits0References9
OSV
OSV
added 2024/08/26 9:15 p.m.4 views

CVE-2024-39645

Cross-Site Request Forgery CSRF vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.7.2...

8.8CVSS5.8AI score0.0018EPSS
Exploits0References1
NVD
NVD
added 2024/08/26 9:15 p.m.22 views

CVE-2024-39645

Cross-Site Request Forgery CSRF vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.7.2...

8.8CVSS0.0018EPSS
Exploits0References1
CVE
CVE
added 2024/08/26 8:55 p.m.46 views

CVE-2024-39645

CVE-2024-39645 is a CSRF vulnerability in WordPress Tutor LMS

8.8CVSS7AI score0.0018EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/08/26 8:55 p.m.20 views

CVE-2024-39645 WordPress Tutor LMS plugin <= 2.7.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.7.2...

5.4CVSS7AI score0.0018EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/08/18 10:15 p.m.7 views

CVE-2024-43282

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.7.2...

7.6CVSS5.5AI score0.00439EPSS
Exploits0References2
OSV
OSV
added 2024/08/18 10:15 p.m.5 views

CVE-2024-43282

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.7.2...

7.2CVSS5.8AI score0.00439EPSS
Exploits0References1
NVD
NVD
added 2024/08/18 10:15 p.m.21 views

CVE-2024-43282

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.7.2...

7.6CVSS0.00439EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/18 9:39 p.m.43 views

CVE-2024-43282 WordPress Tutor LMS plugin <= 2.7.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.7.2...

7.6CVSS0.00439EPSS
Exploits0References1
CVE
CVE
added 2024/08/18 9:39 p.m.61 views

CVE-2024-43282

CVE-2024-43282 is an SQL injection vulnerability in Tutor LMS (authenticated, Administrator+ access) that affects Tutor LMS versions up to and including 2.7.2. Root cause is improper neutralization of input elements in an SQL command. The vulnerability is actively tracked with a patched status, a...

7.6CVSS7.9AI score0.00439EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/08/12 9:15 p.m.19 views

CVE-2024-43231

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Themeum Tutor LMS allows Stored XSS.This issue affects Tutor LMS: from n/a through 2.7.3...

6.5CVSS0.00279EPSS
Exploits0References1
OSV
OSV
added 2024/08/12 9:15 p.m.7 views

CVE-2024-43231

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Themeum Tutor LMS allows Stored XSS.This issue affects Tutor LMS: from n/a through 2.7.3...

5.4CVSS6.6AI score0.00279EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/08/12 9:15 p.m.4 views

CVE-2024-43231

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Themeum Tutor LMS allows Stored XSS.This issue affects Tutor LMS: from n/a through 2.7.3...

6.5CVSS5.2AI score0.00279EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/12 9:4 p.m.14 views

CVE-2024-43231 WordPress Tutor LMS plugin <= 2.7.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Themeum Tutor LMS allows Stored XSS.This issue affects Tutor LMS: from n/a through 2.7.3...

6.5CVSS6.8AI score0.00279EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/12 9:4 p.m.17 views

CVE-2024-43231 WordPress Tutor LMS plugin <= 2.7.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Themeum Tutor LMS allows Stored XSS.This issue affects Tutor LMS: from n/a through 2.7.3...

6.5CVSS0.00279EPSS
Exploits0References1
CVE
CVE
added 2024/08/12 9:4 p.m.50 views

CVE-2024-43231

CVE-2024-43231 is a stored XSS in Tutor LMS (WordPress plugin) via improper neutralization of input during web page generation. Affected: Tutor LMS versions up to 2.7.3. The issue arises from inadequate sanitization of user-supplied content that is later embedded in web pages, enabling stored Cro...

6.5CVSS6.4AI score0.00279EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/07/20 9:15 a.m.33 views

CVE-2024-37947

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Themeum Tutor LMS allows Stored XSS.This issue affects Tutor LMS: from n/a through 2.7.2...

5.9CVSS0.00354EPSS
Exploits0References1
Rows per page
Query Builder