Lucene search
K

180 matches found

NVD
NVD
added 2025/09/22 7:16 p.m.4 views

CVE-2025-58249

Insertion of Sensitive Information Into Sent Data vulnerability in Themeum Qubely qubely allows Retrieve Embedded Sensitive Data.This issue affects Qubely: from n/a through = 1.8.14...

4.3CVSS0.00255EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/22 6:23 p.m.2 views

CVE-2025-58249 WordPress Qubely Plugin <= 1.8.14 - Sensitive Data Exposure Vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Themeum Qubely qubely allows Retrieve Embedded Sensitive Data.This issue affects Qubely: from n/a through = 1.8.14...

4.3CVSS5.9AI score0.00255EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/22 12:0 a.m.3 views

PT-2025-38912

Name of the Vulnerable Software and Affected Versions Themeum Qubely versions through 1.8.14 Description A flaw exists in Themeum Qubely that allows for the retrieval of embedded sensitive data due to the insertion of sensitive information into sent data. Recommendations Update Themeum Qubely to ...

4.3CVSS6.2AI score0.00255EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/09/22 12:0 a.m.3 views

PT-2025-38952

Name of the Vulnerable Software and Affected Versions Qubely versions through 1.8.14 Description A missing authorization issue exists in Themeum Qubely, allowing exploitation due to incorrectly configured access control security levels. Recommendations Update Qubely to a version later than 1.8.14...

4.3CVSS6.5AI score0.0022EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/09/11 5:29 p.m.5 views

CVE-2025-58993

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themeum Tutor LMS tutor allows SQL Injection.This issue affects Tutor LMS: from n/a through = 3.7.4...

7.6CVSS5.9AI score0.00261EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.5 views

PT-2025-36812

Name of the Vulnerable Software and Affected Versions: Themeum Tutor LMS versions through 3.7.4 Description: Themeum Tutor LMS is susceptible to a SQL injection flaw due to improper neutralization of special elements within SQL commands. This allows for potential SQL injection attacks...

7.6CVSS7.4AI score0.00261EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 10:29 a.m.11 views

CVE-2024-43954

Incorrect Authorization vulnerability in Themeum Droip allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Droip: from n/a through 1.1.1...

6.3CVSS5.1AI score0.00284EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:4 a.m.10 views

CVE-2024-37266

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Themeum Tutor LMS allows Path Traversal.This issue affects Tutor LMS: from n/a through 2.7.1...

7.2CVSS6.8AI score0.00618EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 10:3 a.m.10 views

CVE-2024-29913

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themeum Tutor LMS Elementor Addons allows Stored XSS.This issue affects Tutor LMS Elementor Addons: from n/a through 2.1.3...

6.5CVSS8.6AI score0.00336EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:50 a.m.17 views

CVE-2024-43142

Missing Authorization vulnerability in Themeum Tutor LMS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tutor LMS: from n/a through 2.7.3...

8.8CVSS6.9AI score0.00397EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 8:27 a.m.9 views

CVE-2024-43231

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Themeum Tutor LMS allows Stored XSS.This issue affects Tutor LMS: from n/a through 2.7.3...

6.5CVSS6.7AI score0.00279EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:42 a.m.15 views

CVE-2024-37947

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Themeum Tutor LMS allows Stored XSS.This issue affects Tutor LMS: from n/a through 2.7.2...

5.9CVSS6.8AI score0.00354EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:30 a.m.7 views

CVE-2023-41870

Missing Authorization vulnerability in Themeum WP Crowdfunding allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Crowdfunding: from n/a through 2.1.5...

8.8CVSS8.5AI score0.00649EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:27 a.m.4 views

CVE-2023-25990

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.1.10...

8.8CVSS8.9AI score0.00679EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:36 a.m.8 views

CVE-2023-49829

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themeum Tutor LMS – eLearning and online course solution allows Stored XSS.This issue affects Tutor LMS – eLearning and online course solution: from n/a through 2.2.4...

5.9CVSS6.5AI score0.00394EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:14 a.m.6 views

CVE-2023-25799

Missing Authorization vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.1.8...

8.8CVSS6.9AI score0.00458EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/12 9:7 a.m.21 views

CVE-2025-32230

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Themeum Tutor LMS tutor.This issue affects Tutor LMS: from n/a through = 3.4.0...

4.3CVSS7.2AI score0.00232EPSS
Exploits0References1
NVD
NVD
added 2025/04/10 8:15 a.m.18 views

CVE-2025-32230

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Themeum Tutor LMS tutor.This issue affects Tutor LMS: from n/a through = 3.4.0...

4.3CVSS0.00232EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/10 8:9 a.m.6 views

CVE-2025-32230 WordPress Tutor LMS plugin <= 3.4.0 - HTML Injection vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Themeum Tutor LMS. This issue affects Tutor LMS: from n/a through 3.4.0...

4.3CVSS4.7AI score0.00232EPSS
Exploits0References1
CVE
CVE
added 2025/04/10 8:9 a.m.66 views

CVE-2025-32230

CVE-2025-32230 is a Tutor LMS HTML Injection (Basic XSS) vulnerability. The Wordfence vulnerability entry confirms it affects Tutor LMS versions up to 3.4.0 and notes the issue stems from improper neutralization of script-related HTML tags, enabling potential HTML injection. The vulnerability is ...

4.3CVSS7.2AI score0.00232EPSS
Exploits0References1
Rows per page
Query Builder