Vulnerabilidades en themeum
93 resultadosCVE-2024-10897MEDIUMTutor LMS Elementor Addons <= 2.1.5 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin InstallationEPSS 0.3%CVE-2024-9601MEDIUMQubely – Advanced Gutenberg Blocks <= 1.8.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'align' and 'UniqueID'EPSS 0.3%CVE-2025-47555LOWWordPress Tutor LMS plugin <= 3.9.4 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.3%CVE-2025-32223MEDIUMWordPress Tutor LMS plugin <= 3.9.4 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.3%CVE-2024-43954MEDIUMWordPress Droip plugin <= 1.1.1 - Subscriber+ Settings Change/Data Exposure VulnerabilityEPSS 0.3%CVE-2026-22332CRITICALWordPress Tutor LMS Pro plugin <= 3.9.6 - SQL Injection vulnerabilityEPSS 0.3%CVE-2026-1371MEDIUMTutor LMS <= 3.9.5 - Authenticated (Subscriber+) Information Disclosure in Coupon Details via 'tutor_coupon_details' AJAX ActionEPSS 0.3%CVE-2024-43231MEDIUMWordPress Tutor LMS plugin <= 2.7.3 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2023-50859MEDIUMWordPress WP Crowdfunding Plugin <= 2.1.6 is vulnerable to Cross Site Scripting (XSS)EPSS 0.3%CVE-2024-11911MEDIUMWP Crowdfunding <= 2.1.12 - Missing Authorization to Authenticated (Subscriber+) WooCommerce InstallationEPSS 0.3%CVE-2025-11564MEDIUMTutor LMS – eLearning and online course solution <= 3.8.3 - Missing Authorization to Unauthenticated Payment Status UpdateEPSS 0.3%CVE-2025-58993HIGHWordPress Tutor LMS Plugin <= 3.7.4 - SQL Injection VulnerabilityEPSS 0.3%CVE-2025-58249MEDIUMWordPress Qubely Plugin <= 1.8.14 - Sensitive Data Exposure VulnerabilityEPSS 0.3%CVE-2026-40743MEDIUMWordPress Tutor LMS plugin <= 3.9.7 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-0548MEDIUMTutor LMS – eLearning and online course solution <= 3.9.4 - Missing Authorization to Authenticated (Subscriber+) Limited Attachment DeletionEPSS 0.2%CVE-2024-1503MEDIUMTutor LMS – eLearning and online course solution <= 2.6.1 - Cross-Site Request Forgery to Plugin Deactivation and Data EraseEPSS 0.2%CVE-2025-58663MEDIUMWordPress Qubely Plugin <= 1.8.14 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-32230MEDIUMWordPress Tutor LMS plugin <= 3.4.0 - HTML Injection vulnerabilityEPSS 0.2%CVE-2026-24584MEDIUMWordPress Tutor LMS BunnyNet Integration plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-63042MEDIUMWordPress Tutor LMS Elementor Addons plugin <= 3.0.1 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%