180 matches found
CVE-2025-58249
Insertion of Sensitive Information Into Sent Data vulnerability in Themeum Qubely qubely allows Retrieve Embedded Sensitive Data.This issue affects Qubely: from n/a through = 1.8.14...
CVE-2025-58249 WordPress Qubely Plugin <= 1.8.14 - Sensitive Data Exposure Vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in Themeum Qubely qubely allows Retrieve Embedded Sensitive Data.This issue affects Qubely: from n/a through = 1.8.14...
PT-2025-38912
Name of the Vulnerable Software and Affected Versions Themeum Qubely versions through 1.8.14 Description A flaw exists in Themeum Qubely that allows for the retrieval of embedded sensitive data due to the insertion of sensitive information into sent data. Recommendations Update Themeum Qubely to ...
PT-2025-38952
Name of the Vulnerable Software and Affected Versions Qubely versions through 1.8.14 Description A missing authorization issue exists in Themeum Qubely, allowing exploitation due to incorrectly configured access control security levels. Recommendations Update Qubely to a version later than 1.8.14...
CVE-2025-58993
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themeum Tutor LMS tutor allows SQL Injection.This issue affects Tutor LMS: from n/a through = 3.7.4...
PT-2025-36812
Name of the Vulnerable Software and Affected Versions: Themeum Tutor LMS versions through 3.7.4 Description: Themeum Tutor LMS is susceptible to a SQL injection flaw due to improper neutralization of special elements within SQL commands. This allows for potential SQL injection attacks...
CVE-2024-43954
Incorrect Authorization vulnerability in Themeum Droip allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Droip: from n/a through 1.1.1...
CVE-2024-37266
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Themeum Tutor LMS allows Path Traversal.This issue affects Tutor LMS: from n/a through 2.7.1...
CVE-2024-29913
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themeum Tutor LMS Elementor Addons allows Stored XSS.This issue affects Tutor LMS Elementor Addons: from n/a through 2.1.3...
CVE-2024-43142
Missing Authorization vulnerability in Themeum Tutor LMS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tutor LMS: from n/a through 2.7.3...
CVE-2024-43231
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Themeum Tutor LMS allows Stored XSS.This issue affects Tutor LMS: from n/a through 2.7.3...
CVE-2024-37947
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Themeum Tutor LMS allows Stored XSS.This issue affects Tutor LMS: from n/a through 2.7.2...
CVE-2023-41870
Missing Authorization vulnerability in Themeum WP Crowdfunding allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Crowdfunding: from n/a through 2.1.5...
CVE-2023-25990
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.1.10...
CVE-2023-49829
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themeum Tutor LMS – eLearning and online course solution allows Stored XSS.This issue affects Tutor LMS – eLearning and online course solution: from n/a through 2.2.4...
CVE-2023-25799
Missing Authorization vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.1.8...
CVE-2025-32230
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Themeum Tutor LMS tutor.This issue affects Tutor LMS: from n/a through = 3.4.0...
CVE-2025-32230
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Themeum Tutor LMS tutor.This issue affects Tutor LMS: from n/a through = 3.4.0...
CVE-2025-32230 WordPress Tutor LMS plugin <= 3.4.0 - HTML Injection vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Themeum Tutor LMS. This issue affects Tutor LMS: from n/a through 3.4.0...
CVE-2025-32230
CVE-2025-32230 is a Tutor LMS HTML Injection (Basic XSS) vulnerability. The Wordfence vulnerability entry confirms it affects Tutor LMS versions up to 3.4.0 and notes the issue stems from improper neutralization of script-related HTML tags, enabling potential HTML injection. The vulnerability is ...