Vulnerabilidades en themeum
93 resultadosCVE-2024-10400HIGHTutor LMS <= 2.7.6 - Unauthenticated SQL Injection via rating_filterEPSS 82.6%CVE-2024-1751HIGHTutor LMS – eLearning and online course solution <= 2.6.1 - Authenticated (Subscriber+) SQL InjectionEPSS 3.1%CVE-2026-8206CRITICALKirki 6.0.0 - 6.0.6 - Unauthenticated Privilege Escalation via 'handle_forgot_password'EPSS 1.3%CVE-2024-4352HIGHTutor LMS Pro <= 2.7.0 - Missing Authorization to SQL InjectionEPSS 1.2%CVE-2024-4351HIGHTutor LMS Pro <= 2.7.0 - Missing Authorization to Privilege EscalationEPSS 1.0%CVE-2024-54282HIGHWordPress WP Mega Menu plugin <= 1.4.2 - PHP Object Injection vulnerabilityEPSS 0.8%CVE-2021-24242—Tutor LMS < 1.8.8 - Authenticated Local File InclusionEPSS 0.8%CVE-2023-25700HIGHWordPress Tutor LMS Plugin <= 2.1.10 is vulnerable to SQL InjectionEPSS 0.7%CVE-2023-25800HIGHWordPress Tutor LMS Plugin <= 2.2.0 is vulnerable to SQL InjectionEPSS 0.7%CVE-2023-25990HIGHWordPress Tutor LMS Plugin <= 2.1.10 is vulnerable to SQL InjectionEPSS 0.7%CVE-2026-0953CRITICALTutor LMS Pro <= 3.9.5 - Authentication Bypass via Social LoginEPSS 0.7%CVE-2023-41870MEDIUMWordPress WP Crowdfunding plugin <= 2.1.5 - Broken Access Control vulnerabilityEPSS 0.6%CVE-2024-37266MEDIUMWordPress Tutor LMS plugin <= 2.7.1 - Path Traversal vulnerabilityEPSS 0.6%CVE-2026-3360HIGHTutor LMS <= 3.9.7 - Missing Authorization to Unauthenticated Arbitrary Billing Profile Overwrite via 'order_id' ParameterEPSS 0.6%CVE-2024-43955CRITICALWordPress Droip plugin <= 1.1.1 - Unauthenticated Arbitrary File Download/Deletion vulnerabilityEPSS 0.6%CVE-2024-37256HIGHWordPress Tutor LMS plugin <= 2.7.1 - SQL Injection vulnerabilityEPSS 0.6%CVE-2026-8073HIGHKirki <= 6.0.6 - Unauthenticated Limited Arbitrary File Read and Deletion via downloadZIPEPSS 0.6%CVE-2024-10393MEDIUMTutor LMS <= 2.7.6 - User Registration Setting Bypass to Unauthorized User RegistrationEPSS 0.6%CVE-2024-4223CRITICALTutor LMS <= 2.7.0 - Missing AuthorizationEPSS 0.5%CVE-2024-4318HIGHTutor LMS <= 2.7.0 - Authenticated (Instructor+) SQL InjectionEPSS 0.5%