WordPress Tutor LMS Plugin <= 2.7.6 is vulnerable to SQL Injection

Software Tutor LMS Type Plugin Vulnerable versions = 2.7.6 Fixed in 2.7.7 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-10400 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID d0515de5a39b Credits mikemyers Required privilege Unauthenticated Publishe...

WordPress Tutor LMS Plugin <= 2.7.0 is vulnerable to Broken Access Control

Software Tutor LMS Type Plugin Vulnerable versions = 2.7.0 Fixed in 2.7.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-4223 Patch priority High CVSS severity High 8.6 Developer Claim ownership PSID 86348e33f1ae Credits villu164 Required privilege...

CVE-2023-25800 WordPress Tutor LMS Plugin <= 2.2.0 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.2.0...

WordPress Tutor LMS Plugin < 2.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Tutor LMS Type Plugin Vulnerable versions 2.3.0 Fixed in 2.3.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4805 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 74daed2fad19 Credits emad-fazel Required...