CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25800 – WordPress Tutor LMS Plugin <= 2.2.0 is vulnerable to SQL Injection
https://notcve.org/view.php?id=CVE-2023-25800
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.2.0. La neutralización incorrecta de elementos especiales utilizados en una vulnerabilidad de comando SQL ("Inyección SQL") en Themeum Tutor LMS permite la inyección SQL. Este problema afecta a Tutor LMS: desde n/a hasta 2.2.0. The Tutor LMS plugin for WordPress is vulnerable to SQL Injection via many parameters in versions up to, and including, 2.2.0 due to insufficient escaping on the user supplied parameters and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with student-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. • https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-1-10-multiple-student-sql-injection-vulnerability?_s_id=cve • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25990 – WordPress Tutor LMS Plugin <= 2.1.10 is vulnerable to SQL Injection
https://notcve.org/view.php?id=CVE-2023-25990
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.1.10. La neutralización incorrecta de elementos especiales utilizados en una vulnerabilidad de comando SQL ("Inyección SQL") en Themeum Tutor LMS permite la inyección SQL. Este problema afecta a Tutor LMS: desde n/a hasta 2.1.10. The Tutor LMS plugin for WordPress is vulnerable to SQL Injection via many parameters in versions up to, and including, 2.1.10 due to insufficient escaping on the user supplied parameters and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with tutor instructor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. • https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-1-10-multiple-tutor-instructor-sql-injection-vulnerability?_s_id=cve • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-0236 – Tutor LMS < 2.0.10 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2023-0236
The Tutor LMS WordPress plugin before 2.0.10 does not sanitise and escape the reset_key and user_id parameters before outputting then back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin The Tutor LMS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'reset_key' and 'user_id' parameters (used by the password retrieval form) in versions up to, and including, 2.0.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. • https://wpscan.com/vulnerability/503835db-426d-4b49-85f7-c9a20d6ff5b8 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2563 – Tutor LMS < 2.0.10 - Admin+ Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2022-2563
The Tutor LMS WordPress plugin before 2.0.10 does not escape some course parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) El plugin Tutor LMS de WordPress versiones anteriores a 2.0.10, no escapa a algunos parámetros del curso, lo que podría permitir a usuarios con altos privilegios, como el administrador, llevar a cabo ataques de tipo Cross-Site Scripting Almacenado, incluso cuando la capacidad unfiltered_html no está permitida (por ejemplo, en la configuración multisitio) The Tutor LMS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the topic name and lesson name parameters in versions up to, and including, 2.0.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://wpscan.com/vulnerability/98cd761c-7527-4224-965d-d34472b5c19f • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-25017 – Tutor LMS < 1.9.12 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2021-25017
The Tutor LMS WordPress plugin before 1.9.12 does not escape the search parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting El plugin Tutor LMS de WordPress versiones anteriores a 1.9.12, no escapa el parámetro search antes de devolverlo en un atributo en una página de administración, conllevando a un problema de tipo Cross-Site Scripting Reflejado • https://plugins.trac.wordpress.org/changeset/2643821 https://wpscan.com/vulnerability/2d0c4872-a341-4974-926c-10b094a5d13c • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •