Vulnerabilidades em themeum

93 resultados

CVE-2024-1128MEDIUMTutor LMS <= 2.6.0 - Authenticated(Student+) HTML Injection via Q&AEPSS 0.5%CVE-2026-6080MEDIUMTutor LMS <= 3.9.8 - Authenticated (Admin+) SQL Injection via 'date' ParameterEPSS 0.5%CVE-2024-4902HIGHTutor LMS – eLearning and online course solution <= 2.7.1 -Authenticated (Administrator+) SQL InjectionEPSS 0.5%CVE-2024-53816MEDIUMWordPress Tutor LMS Elementor Addons plugin <= 2.1.5 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-3553MEDIUMTutor LMS <= 2.6.2 - Missing Authorization to Unauthenticated Limited Options UpdateEPSS 0.5%CVE-2026-5502MEDIUMTutor LMS <= 3.9.8 - Authenticated (Subscriber+) Arbitrary Course Content Manipulation via tutor_update_course_content_orderEPSS 0.5%CVE-2025-13673HIGHTutor LMS <= 3.9.6 - Unauthenticated SQL Injection via coupon_codeEPSS 0.5%CVE-2023-25799HIGHWordPress Tutor LMS plugin <= 2.1.8 - Multiple Broken Access Control vulnerabilitiesEPSS 0.5%CVE-2024-43282HIGHWordPress Tutor LMS plugin <= 2.7.2 - SQL Injection vulnerabilityEPSS 0.4%CVE-2024-1502MEDIUMTutor LMS – eLearning and online course solution <= 2.6.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post DeletionEPSS 0.4%CVE-2024-4279MEDIUMTutor LMS – eLearning and online course solution <= 2.7.0 - Authenticated (Instructor+) Insecure Direct Object Reference to Arbitrary Course DeletionEPSS 0.4%CVE-2024-1798MEDIUMTutor LMS – Migration Tool <= 2.2.0 - Missing Authorization in tutor_lp_export_xmlEPSS 0.4%CVE-2022-40963MEDIUMWordPress WP Page Builder plugin <= 1.2.6 - Multiple Auth. Stored Cross-Site Scripting (XSS) vulnerabilitiesEPSS 0.4%CVE-2026-8096MEDIUMKirki <= 6.0.6 - Missing Authorization to Authenticated (Subscriber+) Sensitive Form Submission Data Exposure via 'kirki_wp_admin_get_apis' ActionEPSS 0.4%CVE-2024-43142MEDIUMWordPress Tutor LMS plugin <= 2.7.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-49829MEDIUMWordPress Tutor LMS Plugin <= 2.2.4 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2025-1508MEDIUMWP Crowdfunding <= 2.1.14 - Missing Authorization to Authenticated (Subscriber+) Post Content DownloadEPSS 0.4%CVE-2024-3994MEDIUMTutor LMS – eLearning and online course solution <= 2.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'tutor_instructor_list' ShortcodeEPSS 0.4%CVE-2024-1133MEDIUMTutor LMS <= 2.6.0 - Missing AuthorizationEPSS 0.4%CVE-2026-3358MEDIUMTutor LMS <= 3.9.7 - Missing Authorization to Authenticated (Subscriber+) Unauthorized Private Course EnrollmentEPSS 0.4%

← anteriorpágina 2 / 5próxima →