Vulnerabilites related to themeum - tutor_lms
Vulnerability from fkie_nvd
Published
2024-11-21 11:15
Modified
2025-01-23 17:04
Summary
The Tutor LMS plugin for WordPress is vulnerable to bypass to user registration in versions up to, and including, 2.7.6. This is due to a missing check for the 'users_can_register' option in the 'register_instructor' function. This makes it possible for unauthenticated attackers to register as the default role on the site, even if registration is disabled.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "7F6C5095-F4DD-4DD9-A77C-A0DD98FA2E05",
                     versionEndIncluding: "2.7.6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Tutor LMS plugin for WordPress is vulnerable to bypass to user registration in versions up to, and including, 2.7.6. This is due to a missing check for the 'users_can_register' option in the 'register_instructor' function. This makes it possible for unauthenticated attackers to register as the default role on the site, even if registration is disabled.",
      },
      {
         lang: "es",
         value: "El complemento Tutor LMS para WordPress es vulnerable a la omisión del registro de usuarios en versiones hasta la 2.7.6 incluida. Esto se debe a una falta de verificación de la opción 'users_can_register' en la función 'register_instructor'. Esto hace posible que atacantes no autenticados se registren como el rol predeterminado en el sitio, incluso si el registro está deshabilitado.",
      },
   ],
   id: "CVE-2024-10393",
   lastModified: "2025-01-23T17:04:21.173",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.3,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 1.4,
            source: "security@wordfence.com",
            type: "Primary",
         },
      ],
   },
   published: "2024-11-21T11:15:16.040",
   references: [
      {
         source: "security@wordfence.com",
         tags: [
            "Patch",
         ],
         url: "https://plugins.trac.wordpress.org/changeset/3186319/tutor",
      },
      {
         source: "security@wordfence.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/bf8aa169-df51-46db-8c65-f1543d4f75f9?source=cve",
      },
   ],
   sourceIdentifier: "security@wordfence.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-284",
            },
         ],
         source: "security@wordfence.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-862",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-02-04 20:15
Modified
2024-11-21 05:39
Summary
A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker approving themselves as an instructor and performing other malicious actions (such as blocking legitimate instructors).
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "5D700DB6-8E7D-4B46-B69C-3DE36D7E81E2",
                     versionEndExcluding: "1.5.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker approving themselves as an instructor and performing other malicious actions (such as blocking legitimate instructors).",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad de tipo CSRF en el plugin Tutor LMS versiones anteriores a 1.5.3 para WordPress, puede resultar en que un atacante se apruebe como instructor y lleve a cabo otras acciones maliciosas (tales como bloquear instructores legítimos).",
      },
   ],
   id: "CVE-2020-8615",
   lastModified: "2024-11-21T05:39:07.720",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "LOW",
            cvssData: {
               accessComplexity: "HIGH",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 2.6,
               confidentialityImpact: "NONE",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:H/Au:N/C:N/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 4.9,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-02-04T20:15:14.933",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/156585/WordPress-Tutor-LMS-1.5.3-Cross-Site-Request-Forgery.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://wpvulndb.com/vulnerabilities/10058",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.getastra.com/blog/911/plugin-exploit/cross-site-request-forgery-in-tutor-lms-plugin/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.jinsonvarghese.com/cross-site-request-forgery-in-tutor-lms/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Release Notes",
            "Vendor Advisory",
         ],
         url: "https://www.themeum.com/tutor-lms-updated-v1-5-3/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/156585/WordPress-Tutor-LMS-1.5.3-Cross-Site-Request-Forgery.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://wpvulndb.com/vulnerabilities/10058",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.getastra.com/blog/911/plugin-exploit/cross-site-request-forgery-in-tutor-lms-plugin/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.jinsonvarghese.com/cross-site-request-forgery-in-tutor-lms/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Release Notes",
            "Vendor Advisory",
         ],
         url: "https://www.themeum.com/tutor-lms-updated-v1-5-3/",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-352",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-08-18 22:15
Modified
2025-01-22 21:59
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.7.2.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "1EB20081-939F-4B43-A6AC-6A572C2DEBE0",
                     versionEndExcluding: "2.7.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.7.2.",
      },
      {
         lang: "es",
         value: "Neutralización inadecuada de elementos especiales utilizados en una vulnerabilidad de comando SQL (\"Inyección SQL\") en Themeum Tutor LMS. Este problema afecta a Tutor LMS: desde n/a hasta 2.7.2.",
      },
   ],
   id: "CVE-2024-43282",
   lastModified: "2025-01-22T21:59:38.210",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 7.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "HIGH",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 2.3,
            impactScore: 4.7,
            source: "audit@patchstack.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.2,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-08-18T22:15:10.250",
   references: [
      {
         source: "audit@patchstack.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-7-2-sql-injection-vulnerability?_s_id=cve",
      },
   ],
   sourceIdentifier: "audit@patchstack.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-89",
            },
         ],
         source: "audit@patchstack.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-04-05 19:15
Modified
2024-11-21 05:52
Summary
The tutor_quiz_builder_get_answers_by_question AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that could be exploited by students.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "A143001B-60BE-4636-86C9-87B686F8ED3B",
                     versionEndExcluding: "1.8.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The tutor_quiz_builder_get_answers_by_question AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that could be exploited by students.",
      },
      {
         lang: "es",
         value: "La acción AJAX tutor_quiz_builder_get_answers_by_question del plugin de WordPress Tutor LMS – eLearning and online course solution versiones anteriores a 1.8.3, era vulnerable a una inyección SQL basada en UNION que podía ser explotada por estudiantes",
      },
   ],
   id: "CVE-2021-24182",
   lastModified: "2024-11-21T05:52:32.637",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "SINGLE",
               availabilityImpact: "NONE",
               baseScore: 4,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N",
               version: "2.0",
            },
            exploitabilityScore: 8,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-04-05T19:15:16.453",
   references: [
      {
         source: "contact@wpscan.com",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://wpscan.com/vulnerability/f74dfc52-46ba-41e3-994b-23115a22984f",
      },
      {
         source: "contact@wpscan.com",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://wpscan.com/vulnerability/f74dfc52-46ba-41e3-994b-23115a22984f",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
      },
   ],
   sourceIdentifier: "contact@wpscan.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-89",
            },
         ],
         source: "contact@wpscan.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-89",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-04-05 19:15
Modified
2024-11-21 05:52
Summary
Several AJAX endpoints in the Tutor LMS – eLearning and online course solution WordPress plugin before 1.7.7 were unprotected, allowing students to modify course information and elevate their privileges among many other actions.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "7AD21F1B-94BF-4BD3-AF90-8D3310510363",
                     versionEndExcluding: "1.7.7",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Several AJAX endpoints in the Tutor LMS – eLearning and online course solution WordPress plugin before 1.7.7 were unprotected, allowing students to modify course information and elevate their privileges among many other actions.",
      },
      {
         lang: "es",
         value: "Varios endpoints AJAX en el plugin de WordPress Tutor LMS - eLearning and online course solution versiones anteriores a 1.7.7, estaban desprotegidos, permitiendo a los estudiantes modificar la información del curso y elevar sus privilegios entre muchas otras acciones",
      },
   ],
   id: "CVE-2021-24184",
   lastModified: "2024-11-21T05:52:32.883",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "SINGLE",
               availabilityImpact: "PARTIAL",
               baseScore: 6.5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-04-05T19:15:16.577",
   references: [
      {
         source: "contact@wpscan.com",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://wpscan.com/vulnerability/5e85917c-7a58-49cb-b8b3-05aa18ffff3e",
      },
      {
         source: "contact@wpscan.com",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://wpscan.com/vulnerability/5e85917c-7a58-49cb-b8b3-05aa18ffff3e",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
      },
   ],
   sourceIdentifier: "contact@wpscan.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-862",
            },
         ],
         source: "contact@wpscan.com",
         type: "Primary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-862",
            },
         ],
         source: "nvd@nist.gov",
         type: "Secondary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-05-16 10:15
Modified
2025-01-22 18:23
Summary
The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to add, modify, or delete user meta and plugin options.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:pro:wordpress:*:*",
                     matchCriteriaId: "887F64DA-F70D-4111-BE6A-4F908EB59A00",
                     versionEndExcluding: "2.7.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to add, modify, or delete user meta and plugin options.",
      },
      {
         lang: "es",
         value: "El complemento Tutor LMS Pro para WordPress es vulnerable al acceso no autorizado a los datos, la modificación de los datos y la pérdida de datos debido a la falta de comprobación de la capacidad en varias funciones en todas las versiones hasta la 2.7.0 incluida. Esto permite que atacantes no autenticados agreguen, modifiquen o eliminen metadatos de usuario y opciones del complemento.",
      },
   ],
   id: "CVE-2024-4222",
   lastModified: "2025-01-22T18:23:01.487",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 7.3,
               baseSeverity: "HIGH",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.4,
            source: "security@wordfence.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 8.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "LOW",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4.2,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-05-16T10:15:08.687",
   references: [
      {
         source: "security@wordfence.com",
         tags: [
            "Product",
         ],
         url: "https://www.themeum.com/product/tutor-lms/",
      },
      {
         source: "security@wordfence.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/942fffb6-2719-4b70-9759-21b2d50002c5?source=cve",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Product",
         ],
         url: "https://www.themeum.com/product/tutor-lms/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/942fffb6-2719-4b70-9759-21b2d50002c5?source=cve",
      },
   ],
   sourceIdentifier: "security@wordfence.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-862",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-11-03 17:15
Modified
2024-11-21 07:50
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.2.0.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "8C1DD00B-3284-4709-BF45-F5BABB884DCB",
                     versionEndIncluding: "2.2.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.2.0.\n\n",
      },
      {
         lang: "es",
         value: "La neutralización incorrecta de elementos especiales utilizados en una vulnerabilidad de comando SQL (\"Inyección SQL\") en Themeum Tutor LMS permite la inyección SQL. Este problema afecta a Tutor LMS: desde n/a hasta 2.2.0.",
      },
   ],
   id: "CVE-2023-25800",
   lastModified: "2024-11-21T07:50:13.560",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
            type: "Secondary",
         },
      ],
   },
   published: "2023-11-03T17:15:08.487",
   references: [
      {
         source: "audit@patchstack.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-1-10-multiple-student-sql-injection-vulnerability?_s_id=cve",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-1-10-multiple-student-sql-injection-vulnerability?_s_id=cve",
      },
   ],
   sourceIdentifier: "audit@patchstack.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-89",
            },
         ],
         source: "audit@patchstack.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-89",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-06-11 10:15
Modified
2024-11-21 07:50
Summary
Missing Authorization vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.1.8.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "C63C69A4-DA3C-4FDA-A582-3BE2A974CD2F",
                     versionEndExcluding: "2.1.9",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Missing Authorization vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.1.8.",
      },
      {
         lang: "es",
         value: "Vulnerabilidad de autorización faltante en Themeum Tutor LMS. Este problema afecta a Tutor LMS: desde n/a hasta 2.1.8.",
      },
   ],
   id: "CVE-2023-25799",
   lastModified: "2024-11-21T07:50:13.423",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.3,
               baseSeverity: "HIGH",
               confidentialityImpact: "LOW",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.5,
            source: "audit@patchstack.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-06-11T10:15:10.070",
   references: [
      {
         source: "audit@patchstack.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-1-10-multiple-student-broken-access-control-vulnerability?_s_id=cve",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-1-10-multiple-student-broken-access-control-vulnerability?_s_id=cve",
      },
   ],
   sourceIdentifier: "audit@patchstack.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-862",
            },
         ],
         source: "audit@patchstack.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-02-29 01:43
Modified
2025-01-15 18:23
Summary
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized access of restricted Q&A content due to a missing capability check when interacting with questions in all versions up to, and including, 2.6.0. This makes it possible for authenticated attackers, with subscriber access or higher, to interact with questions in courses in which they are not enrolled including private courses.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "A31A5270-DDE5-45C2-8B33-2941C4B71EBD",
                     versionEndExcluding: "2.6.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized access of restricted Q&A content due to a missing capability check when interacting with questions in all versions up to, and including, 2.6.0. This makes it possible for authenticated attackers, with subscriber access or higher, to interact with questions in courses in which they are not enrolled including private courses.",
      },
      {
         lang: "es",
         value: "El complemento Tutor LMS – eLearning and online course solution para WordPress es vulnerable al acceso no autorizado a contenido restringido de preguntas y respuestas debido a una falta de verificación de capacidad al interactuar con preguntas en todas las versiones hasta la 2.6.0 incluida. Esto hace posible que atacantes autenticados, con acceso de suscriptor o superior, interactúen con preguntas en cursos en los que no están inscritos, incluidos los cursos privados.",
      },
   ],
   id: "CVE-2024-1133",
   lastModified: "2025-01-15T18:23:26.030",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 4.3,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 1.4,
            source: "security@wordfence.com",
            type: "Primary",
         },
      ],
   },
   published: "2024-02-29T01:43:41.283",
   references: [
      {
         source: "security@wordfence.com",
         tags: [
            "Product",
         ],
         url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3037911%40tutor%2Ftrunk&old=3020286%40tutor%2Ftrunk&sfp_email=&sfph_mail=#file12",
      },
      {
         source: "security@wordfence.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/e8a7c04a-1fa0-434d-8161-7a32cefb44c4?source=cve",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Product",
         ],
         url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3037911%40tutor%2Ftrunk&old=3020286%40tutor%2Ftrunk&sfp_email=&sfph_mail=#file12",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/e8a7c04a-1fa0-434d-8161-7a32cefb44c4?source=cve",
      },
   ],
   sourceIdentifier: "security@wordfence.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-862",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-04-05 19:15
Modified
2024-11-21 05:52
Summary
The tutor_quiz_builder_get_question_form AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that could be exploited by students.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "A143001B-60BE-4636-86C9-87B686F8ED3B",
                     versionEndExcluding: "1.8.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The tutor_quiz_builder_get_question_form AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that could be exploited by students.",
      },
      {
         lang: "es",
         value: "La acción tutor_quiz_builder_get_question_form AJAX del plugin de WordPress Tutor LMS – eLearning and online course solution versiones anteriores a 1.8.3, era vulnerable a una inyección SQL basada en UNION que podía ser explotada por estudiantes",
      },
   ],
   id: "CVE-2021-24183",
   lastModified: "2024-11-21T05:52:32.760",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "SINGLE",
               availabilityImpact: "NONE",
               baseScore: 4,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N",
               version: "2.0",
            },
            exploitabilityScore: 8,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-04-05T19:15:16.513",
   references: [
      {
         source: "contact@wpscan.com",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://wpscan.com/vulnerability/9b8da6b7-f1d6-4a7d-a621-4ca01e4b7496",
      },
      {
         source: "contact@wpscan.com",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://wpscan.com/vulnerability/9b8da6b7-f1d6-4a7d-a621-4ca01e4b7496",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
      },
   ],
   sourceIdentifier: "contact@wpscan.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-89",
            },
         ],
         source: "contact@wpscan.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-89",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-05-16 06:15
Modified
2025-01-24 17:11
Summary
The Tutor LMS plugin for WordPress is vulnerable to time-based SQL Injection via the ‘question_id’ parameter in versions up to, and including, 2.7.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Instructor-level permissions and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "F6D02936-81CB-45D8-A594-B5D9A2731936",
                     versionEndExcluding: "2.7.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Tutor LMS plugin for WordPress is vulnerable to time-based SQL Injection via the ‘question_id’ parameter in versions up to, and including, 2.7.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for authenticated attackers, with Instructor-level permissions and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.",
      },
      {
         lang: "es",
         value: "El complemento Tutor LMS para WordPress es vulnerable a la inyección SQL basada en tiempo a través del parámetro 'question_id' en versiones hasta la 2.7.0 incluida, debido a un escape insuficiente en el parámetro proporcionado por el usuario y a la falta de preparación suficiente en la consulta SQL existente. Esto permite que atacantes autenticados, con permisos de nivel de instructor y superiores, agreguen consultas SQL adicionales a consultas ya existentes que se pueden usar para extraer información confidencial de la base de datos.",
      },
   ],
   id: "CVE-2024-4318",
   lastModified: "2025-01-24T17:11:02.097",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "security@wordfence.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-05-16T06:15:11.480",
   references: [
      {
         source: "security@wordfence.com",
         tags: [
            "Product",
         ],
         url: "https://plugins.trac.wordpress.org/browser/tutor/tags/2.7.0/classes/Utils.php#L4456",
      },
      {
         source: "security@wordfence.com",
         tags: [
            "Product",
         ],
         url: "https://plugins.trac.wordpress.org/browser/tutor/tags/2.7.0/classes/Utils.php#L4575",
      },
      {
         source: "security@wordfence.com",
         tags: [
            "Patch",
         ],
         url: "https://plugins.trac.wordpress.org/changeset/3086489/",
      },
      {
         source: "security@wordfence.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/9bbb3c65-f02c-4d6d-bd4e-b3232af5e21b?source=cve",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Product",
         ],
         url: "https://plugins.trac.wordpress.org/browser/tutor/tags/2.7.0/classes/Utils.php#L4456",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Product",
         ],
         url: "https://plugins.trac.wordpress.org/browser/tutor/tags/2.7.0/classes/Utils.php#L4575",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
         ],
         url: "https://plugins.trac.wordpress.org/changeset/3086489/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/9bbb3c65-f02c-4d6d-bd4e-b3232af5e21b?source=cve",
      },
   ],
   sourceIdentifier: "security@wordfence.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-89",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-11-23 20:15
Modified
2024-11-21 05:53
Summary
The Tutor LMS WordPress plugin before 1.9.11 does not sanitise and escape user input before outputting back in attributes in the Student Registration page, leading to a Reflected Cross-Site Scripting issue
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "0846F7FD-D46A-4230-909D-AE7BCB86F2AB",
                     versionEndExcluding: "1.9.11",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Tutor LMS WordPress plugin before 1.9.11 does not sanitise and escape user input before outputting back in attributes in the Student Registration page, leading to a Reflected Cross-Site Scripting issue",
      },
      {
         lang: "es",
         value: "El plugin Tutor LMS de WordPress versiones anteriores a 1.9.11, no sanea ni escapa de la entrada del usuario antes de devolverla en atributos en la página de registro de estudiantes, conllevando un problema de tipo Cross-Site Scripting Reflejado",
      },
   ],
   id: "CVE-2021-24873",
   lastModified: "2024-11-21T05:53:55.790",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 4.3,
               confidentialityImpact: "NONE",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.1,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 2.7,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-11-23T20:15:10.080",
   references: [
      {
         source: "contact@wpscan.com",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://plugins.trac.wordpress.org/changeset/2615802/tutor",
      },
      {
         source: "contact@wpscan.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://wpscan.com/vulnerability/19980b57-1954-4a29-b2c2-43eadf758ed3",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://plugins.trac.wordpress.org/changeset/2615802/tutor",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://wpscan.com/vulnerability/19980b57-1954-4a29-b2c2-43eadf758ed3",
      },
   ],
   sourceIdentifier: "contact@wpscan.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-79",
            },
         ],
         source: "contact@wpscan.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-08-12 21:15
Modified
2025-01-22 22:10
Summary
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themeum Tutor LMS allows Stored XSS.This issue affects Tutor LMS: from n/a through 2.7.3.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "6C2F25C2-C299-4DD8-8398-61AE387B3690",
                     versionEndExcluding: "2.7.4",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themeum Tutor LMS allows Stored XSS.This issue affects Tutor LMS: from n/a through 2.7.3.",
      },
      {
         lang: "es",
         value: "La vulnerabilidad de neutralización inadecuada de la entrada durante la generación de páginas web (XSS o 'Cross-site Scripting') en Themeum Tutor LMS permite XSS Almacenado. Este problema afecta a Tutor LMS: desde n/a hasta 2.7.3.",
      },
   ],
   id: "CVE-2024-43231",
   lastModified: "2025-01-22T22:10:37.763",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "LOW",
               scope: "CHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
               version: "3.1",
            },
            exploitabilityScore: 2.3,
            impactScore: 3.7,
            source: "audit@patchstack.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.4,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "LOW",
               scope: "CHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.3,
            impactScore: 2.7,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-08-12T21:15:32.890",
   references: [
      {
         source: "audit@patchstack.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-7-3-cross-site-scripting-xss-vulnerability?_s_id=cve",
      },
   ],
   sourceIdentifier: "audit@patchstack.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-79",
            },
         ],
         source: "audit@patchstack.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-04-25 10:15
Modified
2025-01-15 18:36
Summary
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tutor_instructor_list' shortcode in all versions up to, and including, 2.6.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "E26D1325-2A1F-4B34-8487-2A355A5F3E87",
                     versionEndExcluding: "2.7.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tutor_instructor_list' shortcode in all versions up to, and including, 2.6.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",
      },
      {
         lang: "es",
         value: "El complemento Tutor LMS – eLearning and online course solution para WordPress es vulnerable a Cross-Site Scripting Almacenado a través del código corto 'tutor_instructor_list' del complemento en todas las versiones hasta la 2.6.2 incluida debido a una sanitización de entrada insuficiente y a un escape de salida proporcionado por el usuario. atributos. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten scripts web arbitrarios en páginas que se ejecutarán cada vez que un usuario acceda a una página inyectada.",
      },
   ],
   id: "CVE-2024-3994",
   lastModified: "2025-01-15T18:36:21.003",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.4,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 2.5,
            source: "security@wordfence.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.4,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "LOW",
               scope: "CHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.3,
            impactScore: 2.7,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-04-25T10:15:09.263",
   references: [
      {
         source: "security@wordfence.com",
         tags: [
            "Patch",
         ],
         url: "https://plugins.trac.wordpress.org/changeset/3076302/tutor/tags/2.7.0/templates/shortcode/instructor-filter.php",
      },
      {
         source: "security@wordfence.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/324fc401-04ca-4707-8727-b8c3a66f7fd6?source=cve",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
         ],
         url: "https://plugins.trac.wordpress.org/changeset/3076302/tutor/tags/2.7.0/templates/shortcode/instructor-filter.php",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/324fc401-04ca-4707-8727-b8c3a66f7fd6?source=cve",
      },
   ],
   sourceIdentifier: "security@wordfence.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-79",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-04-05 19:15
Modified
2024-11-21 05:52
Summary
The tutor_answering_quiz_question/get_answer_by_id function pair from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that could be exploited by students.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "A143001B-60BE-4636-86C9-87B686F8ED3B",
                     versionEndExcluding: "1.8.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The tutor_answering_quiz_question/get_answer_by_id function pair from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that could be exploited by students.",
      },
      {
         lang: "es",
         value: "El par de funciones tutor_answering_quiz_question y get_answer_by_id del plugin Tutor LMS - eLearning and online course solution WordPress versiones anteriores a 1.8.3, era vulnerable a una inyección SQL basada en UNION que podría ser explotada por los estudiantes",
      },
   ],
   id: "CVE-2021-24186",
   lastModified: "2024-11-21T05:52:33.123",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "SINGLE",
               availabilityImpact: "NONE",
               baseScore: 4,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N",
               version: "2.0",
            },
            exploitabilityScore: 8,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-04-05T19:15:16.703",
   references: [
      {
         source: "contact@wpscan.com",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://wpscan.com/vulnerability/5f5c0c6c-6f76-4366-b590-0aab557f8c60",
      },
      {
         source: "contact@wpscan.com",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://wpscan.com/vulnerability/5f5c0c6c-6f76-4366-b590-0aab557f8c60",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
      },
   ],
   sourceIdentifier: "contact@wpscan.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-89",
            },
         ],
         source: "contact@wpscan.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-89",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-03-21 02:51
Modified
2025-01-15 18:35
Summary
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.1. This is due to missing or incorrect nonce validation on the erase_tutor_data() function. This makes it possible for unauthenticated attackers to deactivate the plugin and erase all data via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. This requires the "Erase upon uninstallation" option to be enabled.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "A615DCE6-67AC-4717-A274-E2001B0074BC",
                     versionEndExcluding: "2.6.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.1. This is due to missing or incorrect nonce validation on the erase_tutor_data() function. This makes it possible for unauthenticated attackers to deactivate the plugin and erase all data via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. This requires the \"Erase upon uninstallation\" option to be enabled.",
      },
      {
         lang: "es",
         value: "El complemento Tutor LMS – eLearning and online course solution para WordPress es vulnerable a Cross-Site Request Forgery en todas las versiones hasta la 2.6.1 incluida. Esto se debe a una validación nonce faltante o incorrecta en la función erase_tutor_data(). Esto hace posible que atacantes no autenticados desactiven el complemento y borren todos los datos mediante una solicitud falsificada, siempre que puedan engañar al administrador del sitio para que realice una acción como hacer clic en un enlace. Esto requiere que esté habilitada la opción \"Borrar al desinstalar\".",
      },
   ],
   id: "CVE-2024-1503",
   lastModified: "2025-01-15T18:35:32.333",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 4.3,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 1.4,
            source: "security@wordfence.com",
            type: "Primary",
         },
      ],
   },
   published: "2024-03-21T02:51:43.260",
   references: [
      {
         source: "security@wordfence.com",
         tags: [
            "Product",
         ],
         url: "https://plugins.trac.wordpress.org/browser/tutor/trunk/classes/Admin.php#L465",
      },
      {
         source: "security@wordfence.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/050647a8-6743-46e4-b31c-0b5bd4a1007f?source=cve",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Product",
         ],
         url: "https://plugins.trac.wordpress.org/browser/tutor/trunk/classes/Admin.php#L465",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/050647a8-6743-46e4-b31c-0b5bd4a1007f?source=cve",
      },
   ],
   sourceIdentifier: "security@wordfence.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-352",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-06-07 13:15
Modified
2024-11-21 09:47
Summary
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.7.1 via the 'attempt_delete' function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Instructor-level access and above, to delete arbitrary quiz attempts.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "6F84873F-FB6C-4354-B70A-1E2B7CA481CC",
                     versionEndExcluding: "2.7.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.7.1 via the 'attempt_delete' function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Instructor-level access and above, to delete arbitrary quiz attempts.",
      },
      {
         lang: "es",
         value: "El complemento Tutor LMS – eLearning and online course solution para WordPress es vulnerable a la referencia directa a objetos inseguros en todas las versiones hasta la 2.7.1 incluida a través de la función 'attempt_delete' debido a la falta de validación en una clave controlada por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de instructor y superior, eliminen intentos de cuestionarios arbitrarios.",
      },
   ],
   id: "CVE-2024-5438",
   lastModified: "2024-11-21T09:47:41.163",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 4.3,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 1.4,
            source: "security@wordfence.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 4.3,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "LOW",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 1.4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-06-07T13:15:50.500",
   references: [
      {
         source: "security@wordfence.com",
         tags: [
            "Product",
         ],
         url: "https://plugins.trac.wordpress.org/browser/tutor/trunk/classes/Quiz.php#L1806",
      },
      {
         source: "security@wordfence.com",
         tags: [
            "Patch",
         ],
         url: "https://plugins.trac.wordpress.org/changeset/3098465/",
      },
      {
         source: "security@wordfence.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/00ec14d4-d97b-40b1-b61b-05e911f49bb0?source=cve",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Product",
         ],
         url: "https://plugins.trac.wordpress.org/browser/tutor/trunk/classes/Quiz.php#L1806",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
         ],
         url: "https://plugins.trac.wordpress.org/changeset/3098465/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/00ec14d4-d97b-40b1-b61b-05e911f49bb0?source=cve",
      },
   ],
   sourceIdentifier: "security@wordfence.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-639",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-10-16 20:15
Modified
2024-11-21 08:36
Summary
The Tutor LMS WordPress plugin before 2.3.0 does not sanitise and escape some of its settings, which could allow users such as subscriber to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "0529B052-121B-4D65-8F6B-CA71881F4FBC",
                     versionEndExcluding: "2.3.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Tutor LMS WordPress plugin before 2.3.0 does not sanitise and escape some of its settings, which could allow users such as subscriber to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)",
      },
      {
         lang: "es",
         value: "El complemento Tutor LMS de WordPress anterior a 2.3.0 no sanitiza ni escapa a algunas de sus configuraciones, lo que podría permitir a usuarios como suscriptores realizar ataques de Cross-Site Scripting almacenados incluso cuando la capacidad unfiltered_html no está permitida (por ejemplo, en configuración multisitio).",
      },
   ],
   id: "CVE-2023-4805",
   lastModified: "2024-11-21T08:36:00.307",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.4,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "LOW",
               scope: "CHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.3,
            impactScore: 2.7,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-10-16T20:15:16.670",
   references: [
      {
         source: "contact@wpscan.com",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://wpscan.com/vulnerability/1049e940-49b1-4236-bea2-c636f35c5647",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://wpscan.com/vulnerability/1049e940-49b1-4236-bea2-c636f35c5647",
      },
   ],
   sourceIdentifier: "contact@wpscan.com",
   vulnStatus: "Modified",
}

Vulnerability from fkie_nvd
Published
2023-12-15 16:15
Modified
2024-11-21 08:33
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeum Tutor LMS – eLearning and online course solution allows Stored XSS.This issue affects Tutor LMS – eLearning and online course solution: from n/a through 2.2.4.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "711155E8-212C-4AEE-A795-97B1DE394CF6",
                     versionEndIncluding: "2.2.4",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeum Tutor LMS – eLearning and online course solution allows Stored XSS.This issue affects Tutor LMS – eLearning and online course solution: from n/a through 2.2.4.\n\n",
      },
      {
         lang: "es",
         value: "La vulnerabilidad de neutralización inadecuada de la entrada durante la generación de páginas web ('Cross-site Scripting') en Themeum Tutor LMS – eLearning and online course solution permite almacenar XSS. Este problema afecta a Tutor LMS – eLearning and online course solution: desde n/a hasta 2.2. 4.",
      },
   ],
   id: "CVE-2023-49829",
   lastModified: "2024-11-21T08:33:55.280",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 5.9,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "HIGH",
               scope: "CHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
               version: "3.1",
            },
            exploitabilityScore: 1.7,
            impactScore: 3.7,
            source: "audit@patchstack.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 4.8,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "HIGH",
               scope: "CHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 1.7,
            impactScore: 2.7,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-12-15T16:15:45.740",
   references: [
      {
         source: "audit@patchstack.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-2-4-cross-site-scripting-xss-vulnerability?_s_id=cve",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-2-4-cross-site-scripting-xss-vulnerability?_s_id=cve",
      },
   ],
   sourceIdentifier: "audit@patchstack.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-79",
            },
         ],
         source: "audit@patchstack.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-07-04 08:15
Modified
2024-11-21 08:16
Summary
The Tutor LMS WordPress plugin before 2.2.1 does not implement adequate permission checks for REST API endpoints, allowing unauthenticated attackers to access information from Lessons that should not be publicly available.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "96CAFB06-AB60-4B67-B02F-1F9334C41ECE",
                     versionEndExcluding: "2.2.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Tutor LMS WordPress plugin before 2.2.1 does not implement adequate permission checks for REST API endpoints, allowing unauthenticated attackers to access information from Lessons that should not be publicly available.",
      },
   ],
   id: "CVE-2023-3133",
   lastModified: "2024-11-21T08:16:31.913",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-07-04T08:15:10.460",
   references: [
      {
         source: "contact@wpscan.com",
         tags: [
            "Product",
         ],
         url: "https://plugins.trac.wordpress.org/browser/tutor/tags/2.2.0/classes/RestAPI.php#L253",
      },
      {
         source: "contact@wpscan.com",
         tags: [
            "Product",
         ],
         url: "https://wordpress.org/plugins/tutor/",
      },
      {
         source: "contact@wpscan.com",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://wpscan.com/vulnerability/3b6969a7-5cbc-4e16-8f27-5dde481237f5",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Product",
         ],
         url: "https://plugins.trac.wordpress.org/browser/tutor/tags/2.2.0/classes/RestAPI.php#L253",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Product",
         ],
         url: "https://wordpress.org/plugins/tutor/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://wpscan.com/vulnerability/3b6969a7-5cbc-4e16-8f27-5dde481237f5",
      },
   ],
   sourceIdentifier: "contact@wpscan.com",
   vulnStatus: "Modified",
}

Vulnerability from fkie_nvd
Published
2024-05-16 09:15
Modified
2025-01-24 17:58
Severity ?
Summary
The Tutor LMS plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to add, modify, or delete data.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "F6D02936-81CB-45D8-A594-B5D9A2731936",
                     versionEndExcluding: "2.7.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Tutor LMS plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to add, modify, or delete data.",
      },
      {
         lang: "es",
         value: "El complemento Tutor LMS para WordPress es vulnerable al acceso no autorizado a datos, modificación de datos, pérdida de datos debido a una falta de verificación de capacidad en múltiples funciones en todas las versiones hasta la 2.7.0 inclusive. Esto hace posible que atacantes no autenticados agreguen, modifiquen o eliminen datos.",
      },
   ],
   id: "CVE-2024-4223",
   lastModified: "2025-01-24T17:58:19.593",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 9.8,
               baseSeverity: "CRITICAL",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 5.9,
            source: "security@wordfence.com",
            type: "Primary",
         },
      ],
   },
   published: "2024-05-16T09:15:15.810",
   references: [
      {
         source: "security@wordfence.com",
         tags: [
            "Patch",
         ],
         url: "https://plugins.trac.wordpress.org/changeset/3086489/",
      },
      {
         source: "security@wordfence.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/ce4c4395-6d1a-4d5f-885f-383e5c44c0f8?source=cve",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
         ],
         url: "https://plugins.trac.wordpress.org/changeset/3086489/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/ce4c4395-6d1a-4d5f-885f-383e5c44c0f8?source=cve",
      },
   ],
   sourceIdentifier: "security@wordfence.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-862",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-10-18 14:15
Modified
2024-11-21 05:53
Summary
The Tutor LMS WordPress plugin before 1.9.9 does not escape some of its settings before outputting them in attributes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "A94716E1-941C-4B98-A902-BB3D63E1AF33",
                     versionEndExcluding: "1.9.9",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Tutor LMS WordPress plugin before 1.9.9 does not escape some of its settings before outputting them in attributes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.",
      },
      {
         lang: "es",
         value: "El plugin Tutor LMS de WordPress versiones anteriores a 1.9.9, no escapa a algunas de sus configuraciones antes de mostrarlas en atributos, que podría permitir a usuarios con altos privilegios llevar a cabo ataques de tipo Cross-Site Scripting incluso cuando la capacidad unfiltered_html está deshabilitada",
      },
   ],
   id: "CVE-2021-24740",
   lastModified: "2024-11-21T05:53:40.200",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "LOW",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "SINGLE",
               availabilityImpact: "NONE",
               baseScore: 3.5,
               confidentialityImpact: "NONE",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 6.8,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 4.8,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "HIGH",
               scope: "CHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 1.7,
            impactScore: 2.7,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-10-18T14:15:09.940",
   references: [
      {
         source: "contact@wpscan.com",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://wpscan.com/vulnerability/e6cf694d-c4ae-4b91-97c0-a6bdbafc7d60",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://wpscan.com/vulnerability/e6cf694d-c4ae-4b91-97c0-a6bdbafc7d60",
      },
   ],
   sourceIdentifier: "contact@wpscan.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-79",
            },
         ],
         source: "contact@wpscan.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-79",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-05-16 10:15
Modified
2025-01-22 18:24
Summary
The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on the 'get_calendar_materials' function. The plugin is also vulnerable to SQL Injection via the ‘year’ parameter of that function due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:pro:wordpress:*:*",
                     matchCriteriaId: "887F64DA-F70D-4111-BE6A-4F908EB59A00",
                     versionEndExcluding: "2.7.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on the 'get_calendar_materials' function. The plugin is also vulnerable to SQL Injection via the ‘year’ parameter of that function due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for authenticated attackers, with subscriber-level permissions and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.",
      },
      {
         lang: "es",
         value: "El complemento Tutor LMS Pro para WordPress es vulnerable al acceso no autorizado a los datos, la modificación de los datos y la pérdida de datos debido a la falta de una comprobación de capacidad en la función 'get_calendar_materials'. El complemento también es vulnerable a la inyección SQL a través del parámetro 'year' de esa función debido a un escape insuficiente en el parámetro proporcionado por el usuario y a la falta de preparación suficiente en la consulta SQL existente. Esto hace posible que los atacantes autenticados, con permisos de nivel de suscriptor y superiores, agreguen consultas SQL adicionales a las consultas ya existentes que se pueden usar para extraer información confidencial de la base de datos.",
      },
   ],
   id: "CVE-2024-4352",
   lastModified: "2025-01-22T18:24:15.257",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "security@wordfence.com",
            type: "Primary",
         },
      ],
   },
   published: "2024-05-16T10:15:10.470",
   references: [
      {
         source: "security@wordfence.com",
         tags: [
            "Product",
         ],
         url: "https://www.themeum.com/product/tutor-lms/",
      },
      {
         source: "security@wordfence.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/c647beda-cf73-4372-975f-a8c8ed05217f?source=cve",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Product",
         ],
         url: "https://www.themeum.com/product/tutor-lms/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/c647beda-cf73-4372-975f-a8c8ed05217f?source=cve",
      },
   ],
   sourceIdentifier: "security@wordfence.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-862",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-04-22 21:15
Modified
2024-11-21 05:52
Summary
The Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.8 is affected by a local file inclusion vulnerability through the maliciously constructed sub_page parameter of the plugin's Tools, allowing high privilege users to include any local php file
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "50887858-D50A-44CD-A4A9-758F8C439568",
                     versionEndExcluding: "1.8.8",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.8 is affected by a local file inclusion vulnerability through the maliciously constructed sub_page parameter of the plugin's Tools, allowing high privilege users to include any local php file",
      },
      {
         lang: "es",
         value: "El plugin de WordPress Tutor LMS - eLearning and online course solution versiones anteriores a 1.8.8 está afectado por una vulnerabilidad de inclusión de archivos locales por medio del parámetro sub_page construido maliciosamente de las herramientas del plugin, permitiendo a usuarios con altos privilegios incluir cualquier archivo php local",
      },
   ],
   id: "CVE-2021-24242",
   lastModified: "2024-11-21T05:52:40.287",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "SINGLE",
               availabilityImpact: "NONE",
               baseScore: 5.5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 8,
            impactScore: 4.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 3.8,
               baseSeverity: "LOW",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 1.2,
            impactScore: 2.5,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-04-22T21:15:09.927",
   references: [
      {
         source: "contact@wpscan.com",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://wpscan.com/vulnerability/20f3e63a-31d8-49a0-b4ef-209749feff5c",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://wpscan.com/vulnerability/20f3e63a-31d8-49a0-b4ef-209749feff5c",
      },
   ],
   sourceIdentifier: "contact@wpscan.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-22",
            },
         ],
         source: "contact@wpscan.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-07-09 09:15
Modified
2024-11-21 09:23
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.7.1.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "6F84873F-FB6C-4354-B70A-1E2B7CA481CC",
                     versionEndExcluding: "2.7.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.7.1.",
      },
      {
         lang: "es",
         value: " Neutralización incorrecta de elementos especiales utilizados en una vulnerabilidad de comando SQL (\"Inyección SQL\") en Themeum Tutor LMS. Este problema afecta a Tutor LMS: desde n/a hasta 2.7.1.",
      },
   ],
   id: "CVE-2024-37256",
   lastModified: "2024-11-21T09:23:28.830",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 7.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "HIGH",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 2.3,
            impactScore: 4.7,
            source: "audit@patchstack.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.2,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-07-09T09:15:03.157",
   references: [
      {
         source: "audit@patchstack.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-7-1-sql-injection-vulnerability?_s_id=cve",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-7-1-sql-injection-vulnerability?_s_id=cve",
      },
   ],
   sourceIdentifier: "audit@patchstack.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-89",
            },
         ],
         source: "audit@patchstack.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-05-16 06:15
Modified
2025-01-24 17:03
Summary
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Reference to Arbitrary Course Deletion in versions up to, and including, 2.7.0 via the 'tutor_course_delete' function due to missing validation on a user controlled key. This can allow authenticated attackers, with Instructor-level permissions and above, to delete any course.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "F6D02936-81CB-45D8-A594-B5D9A2731936",
                     versionEndExcluding: "2.7.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Reference to Arbitrary Course Deletion in versions up to, and including, 2.7.0 via the 'tutor_course_delete' function due to missing validation on a user controlled key. This can allow authenticated attackers, with Instructor-level permissions and above, to delete any course.",
      },
      {
         lang: "es",
         value: "El complemento Tutor LMS – eLearning and online course solution para WordPress es vulnerable a la Referencia directa insegura a objetos para la eliminación arbitraria de cursos en versiones hasta la 2.7.0 incluida a través de la función 'tutor_course_delete' debido a la falta de validación en una clave controlada por el usuario. Esto puede permitir que atacantes autenticados, con permisos de nivel de Instructor y superiores, eliminen cualquier curso.",
      },
   ],
   id: "CVE-2024-4279",
   lastModified: "2025-01-24T17:03:18.140",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "security@wordfence.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-05-16T06:15:10.667",
   references: [
      {
         source: "security@wordfence.com",
         tags: [
            "Product",
         ],
         url: "https://plugins.trac.wordpress.org/browser/tutor/trunk/classes/Course_List.php#L357",
      },
      {
         source: "security@wordfence.com",
         tags: [
            "Patch",
         ],
         url: "https://plugins.trac.wordpress.org/changeset/3086489/",
      },
      {
         source: "security@wordfence.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/45d04643-e43a-4732-91bf-e4af7b622e33?source=cve",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Product",
         ],
         url: "https://plugins.trac.wordpress.org/browser/tutor/trunk/classes/Course_List.php#L357",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
         ],
         url: "https://plugins.trac.wordpress.org/changeset/3086489/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/45d04643-e43a-4732-91bf-e4af7b622e33?source=cve",
      },
   ],
   sourceIdentifier: "security@wordfence.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-639",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-02-29 01:43
Modified
2025-01-15 18:18
Summary
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to HTML Injection in all versions up to, and including, 2.6.0. This is due to insufficient sanitization of HTML input in the Q&A functionality. This makes it possible for authenticated attackers, with Student access and above, to inject arbitrary HTML onto a site, though it does not allow Cross-Site Scripting
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "A31A5270-DDE5-45C2-8B33-2941C4B71EBD",
                     versionEndExcluding: "2.6.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to HTML Injection in all versions up to, and including, 2.6.0. This is due to insufficient sanitization of HTML input in the Q&A functionality. This makes it possible for authenticated attackers, with Student access and above, to inject arbitrary HTML onto a site, though it does not allow Cross-Site Scripting",
      },
      {
         lang: "es",
         value: "El complemento Tutor LMS – eLearning and online course solution para WordPress es vulnerable a la inyección de HTML en todas las versiones hasta la 2.6.0 incluida. Esto se debe a una sanitización insuficiente de la entrada HTML en la funcionalidad de preguntas y respuestas. Esto hace posible que atacantes autenticados, con acceso de Estudiante y superior, inyecten HTML arbitrario en un sitio, aunque no permite Cross-Site Scripting.",
      },
   ],
   id: "CVE-2024-1128",
   lastModified: "2025-01-15T18:18:25.617",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 5.4,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "LOW",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 2.5,
            source: "security@wordfence.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 3.5,
               baseSeverity: "LOW",
               confidentialityImpact: "NONE",
               integrityImpact: "LOW",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.1,
            impactScore: 1.4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-02-29T01:43:40.793",
   references: [
      {
         source: "security@wordfence.com",
         tags: [
            "Patch",
         ],
         url: "https://plugins.trac.wordpress.org/changeset/3037911/tutor/tags/2.6.1/classes/Q_and_A.php?old=2827221&old_path=tutor/trunk/classes/Q_and_A.php",
      },
      {
         source: "security@wordfence.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/22420c2d-788c-4577-ae54-7b48f6063f5d?source=cve",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
         ],
         url: "https://plugins.trac.wordpress.org/changeset/3037911/tutor/tags/2.6.1/classes/Q_and_A.php?old=2827221&old_path=tutor/trunk/classes/Q_and_A.php",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/22420c2d-788c-4577-ae54-7b48f6063f5d?source=cve",
      },
   ],
   sourceIdentifier: "security@wordfence.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-79",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-07-09 10:15
Modified
2024-11-21 09:23
Summary
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themeum Tutor LMS allows Path Traversal.This issue affects Tutor LMS: from n/a through 2.7.1.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "6F84873F-FB6C-4354-B70A-1E2B7CA481CC",
                     versionEndExcluding: "2.7.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themeum Tutor LMS allows Path Traversal.This issue affects Tutor LMS: from n/a through 2.7.1.",
      },
      {
         lang: "es",
         value: "La limitación inadecuada de un nombre de ruta a una vulnerabilidad de directorio restringido (\"Path Traversal\") en Themeum Tutor LMS permite el Path Traversal. Este problema afecta a Tutor LMS: desde n/a hasta 2.7.1.",
      },
   ],
   id: "CVE-2024-37266",
   lastModified: "2024-11-21T09:23:30.230",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 4.9,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 1.2,
            impactScore: 3.6,
            source: "audit@patchstack.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.2,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-07-09T10:15:04.147",
   references: [
      {
         source: "audit@patchstack.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-7-1-path-traversal-vulnerability?_s_id=cve",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-7-1-path-traversal-vulnerability?_s_id=cve",
      },
   ],
   sourceIdentifier: "audit@patchstack.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-22",
            },
         ],
         source: "audit@patchstack.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-11-03 17:15
Modified
2024-11-21 07:50
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.1.10.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "3622CA77-DB87-4A67-BF7E-8ABF62272962",
                     versionEndIncluding: "2.1.10",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.1.10.\n\n",
      },
      {
         lang: "es",
         value: "La neutralización incorrecta de elementos especiales utilizados en una vulnerabilidad de comando SQL (\"Inyección SQL\") en Themeum Tutor LMS permite la inyección SQL. Este problema afecta a Tutor LMS: desde n/a hasta 2.1.10.",
      },
   ],
   id: "CVE-2023-25990",
   lastModified: "2024-11-21T07:50:34.830",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
            type: "Secondary",
         },
      ],
   },
   published: "2023-11-03T17:15:08.553",
   references: [
      {
         source: "audit@patchstack.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-1-10-multiple-tutor-instructor-sql-injection-vulnerability?_s_id=cve",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-1-10-multiple-tutor-instructor-sql-injection-vulnerability?_s_id=cve",
      },
   ],
   sourceIdentifier: "audit@patchstack.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-89",
            },
         ],
         source: "audit@patchstack.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-09-10 10:15
Modified
2024-09-26 21:59
Summary
The Tutor LMS plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.7.4. This is due to missing or incorrect nonce validation on the 'addon_enable_disable' function. This makes it possible for unauthenticated attackers to enable or disable addons via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "92264385-0A90-4FD4-8D0C-2D622225F2C9",
                     versionEndExcluding: "2.7.5",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Tutor LMS plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.7.4. This is due to missing or incorrect nonce validation on the 'addon_enable_disable' function. This makes it possible for unauthenticated attackers to enable or disable addons via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",
      },
      {
         lang: "es",
         value: "El complemento Tutor LMS para WordPress es vulnerable a Cross-Site Request Forgery en versiones hasta la 2.7.4 incluida. Esto se debe a la falta o la validación incorrecta de nonce en la función 'addon_enable_disable'. Esto hace posible que atacantes no autenticados habiliten o deshabiliten complementos a través de una solicitud falsificada, siempre que puedan engañar a un administrador del sitio para que realice una acción como hacer clic en un enlace.",
      },
   ],
   id: "CVE-2023-2919",
   lastModified: "2024-09-26T21:59:24.927",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 4.3,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 1.4,
            source: "security@wordfence.com",
            type: "Primary",
         },
      ],
   },
   published: "2024-09-10T10:15:05.710",
   references: [
      {
         source: "security@wordfence.com",
         tags: [
            "Product",
         ],
         url: "https://plugins.trac.wordpress.org/browser/tutor/trunk/classes/Ajax.php?rev=3128650#L506",
      },
      {
         source: "security@wordfence.com",
         tags: [
            "Patch",
         ],
         url: "https://plugins.trac.wordpress.org/changeset/3148621/tutor/tags/2.7.5/classes/Ajax.php",
      },
      {
         source: "security@wordfence.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/992abd72-2a8e-4bda-94c2-4a7f88487906?source=cve",
      },
   ],
   sourceIdentifier: "security@wordfence.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-352",
            },
         ],
         source: "security@wordfence.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-06-07 05:15
Modified
2024-11-21 09:43
Summary
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to time-based SQL Injection via the ‘course_id’ parameter in all versions up to, and including, 2.7.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with admin access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "6F84873F-FB6C-4354-B70A-1E2B7CA481CC",
                     versionEndExcluding: "2.7.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to time-based SQL Injection via the ‘course_id’ parameter in all versions up to, and including, 2.7.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for authenticated attackers, with admin access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.",
      },
      {
         lang: "es",
         value: "El complemento Tutor LMS – eLearning and online course solution para WordPress es vulnerable a la inyección SQL basada en tiempo a través del parámetro 'course_id' en todas las versiones hasta la 2.7.1 incluida debido a un escape insuficiente en el parámetro proporcionado por el usuario y a la falta de suficiente preparación en la consulta SQL existente. Esto hace posible que atacantes autenticados, con acceso de administrador y superior, agreguen consultas SQL adicionales a consultas ya existentes que pueden usarse para extraer información confidencial de la base de datos.",
      },
   ],
   id: "CVE-2024-4902",
   lastModified: "2024-11-21T09:43:49.733",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.2,
            impactScore: 5.9,
            source: "security@wordfence.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.2,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-06-07T05:15:49.740",
   references: [
      {
         source: "security@wordfence.com",
         tags: [
            "Product",
         ],
         url: "https://plugins.trac.wordpress.org/browser/tutor/tags/2.7.0/classes/Utils.php#L1936",
      },
      {
         source: "security@wordfence.com",
         tags: [
            "Patch",
         ],
         url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3098465%40tutor%2Ftrunk&old=3086489%40tutor%2Ftrunk&sfp_email=&sfph_mail=#file8",
      },
      {
         source: "security@wordfence.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/f00e8169-3b8f-44a0-9af2-e81777a913f8?source=cve",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Product",
         ],
         url: "https://plugins.trac.wordpress.org/browser/tutor/tags/2.7.0/classes/Utils.php#L1936",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
         ],
         url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3098465%40tutor%2Ftrunk&old=3086489%40tutor%2Ftrunk&sfp_email=&sfph_mail=#file8",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/f00e8169-3b8f-44a0-9af2-e81777a913f8?source=cve",
      },
   ],
   sourceIdentifier: "security@wordfence.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-89",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-05-02 17:15
Modified
2025-01-15 18:36
Summary
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the hide_notices function in all versions up to, and including, 2.6.2. This makes it possible for unauthenticated attackers to enable user registration on sites that may have it disabled.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "E26D1325-2A1F-4B34-8487-2A355A5F3E87",
                     versionEndExcluding: "2.7.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the hide_notices function in all versions up to, and including, 2.6.2. This makes it possible for unauthenticated attackers to enable user registration on sites that may have it disabled.",
      },
      {
         lang: "es",
         value: "El complemento Tutor LMS – eLearning and online course solution para WordPress es vulnerable a modificaciones no autorizadas de datos debido a una falta de verificación de capacidad en la función hide_notices en todas las versiones hasta la 2.6.2 incluida. Esto hace posible que atacantes no autenticados habiliten el registro de usuarios en sitios que pueden tenerlo deshabilitado.",
      },
   ],
   id: "CVE-2024-3553",
   lastModified: "2025-01-15T18:36:47.993",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 2.5,
            source: "security@wordfence.com",
            type: "Primary",
         },
      ],
   },
   published: "2024-05-02T17:15:26.923",
   references: [
      {
         source: "security@wordfence.com",
         tags: [
            "Patch",
         ],
         url: "https://plugins.trac.wordpress.org/changeset/3076302/tutor/tags/2.7.0/classes/User.php",
      },
      {
         source: "security@wordfence.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/f8d4029e-07b0-4ceb-ae6e-11a3f7416ebc?source=cve",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
         ],
         url: "https://plugins.trac.wordpress.org/changeset/3076302/tutor/tags/2.7.0/classes/User.php",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/f8d4029e-07b0-4ceb-ae6e-11a3f7416ebc?source=cve",
      },
   ],
   sourceIdentifier: "security@wordfence.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-862",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-01-24 08:15
Modified
2024-11-21 05:54
Summary
The Tutor LMS WordPress plugin before 1.9.12 does not escape the search parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "329C1BB4-E5D0-4D12-B44F-6585F98DED53",
                     versionEndExcluding: "1.9.12",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Tutor LMS WordPress plugin before 1.9.12 does not escape the search parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting",
      },
      {
         lang: "es",
         value: "El plugin Tutor LMS de WordPress versiones anteriores a 1.9.12, no escapa el parámetro search antes de devolverlo en un atributo en una página de administración, conllevando a un problema de tipo Cross-Site Scripting Reflejado",
      },
   ],
   id: "CVE-2021-25017",
   lastModified: "2024-11-21T05:54:11.680",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 4.3,
               confidentialityImpact: "NONE",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.1,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 2.7,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-01-24T08:15:09.343",
   references: [
      {
         source: "contact@wpscan.com",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://plugins.trac.wordpress.org/changeset/2643821",
      },
      {
         source: "contact@wpscan.com",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://wpscan.com/vulnerability/2d0c4872-a341-4974-926c-10b094a5d13c",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://plugins.trac.wordpress.org/changeset/2643821",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://wpscan.com/vulnerability/2d0c4872-a341-4974-926c-10b094a5d13c",
      },
   ],
   sourceIdentifier: "contact@wpscan.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-79",
            },
         ],
         source: "contact@wpscan.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-08-26 21:15
Modified
2024-09-18 16:46
Summary
Cross-Site Request Forgery (CSRF) vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.7.2.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "1EB20081-939F-4B43-A6AC-6A572C2DEBE0",
                     versionEndExcluding: "2.7.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Cross-Site Request Forgery (CSRF) vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.7.2.",
      },
      {
         lang: "es",
         value: "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Themeum Tutor LMS. Este problema afecta a Tutor LMS: desde n/a hasta 2.7.2.",
      },
   ],
   id: "CVE-2024-39645",
   lastModified: "2024-09-18T16:46:57.470",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 5.4,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 2.5,
            source: "audit@patchstack.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-08-26T21:15:23.873",
   references: [
      {
         source: "audit@patchstack.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-7-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
      },
   ],
   sourceIdentifier: "audit@patchstack.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-352",
            },
         ],
         source: "audit@patchstack.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-11-03 17:15
Modified
2024-11-21 07:49
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.1.10.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "3622CA77-DB87-4A67-BF7E-8ABF62272962",
                     versionEndIncluding: "2.1.10",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.1.10.\n\n",
      },
      {
         lang: "es",
         value: "La neutralización incorrecta de elementos especiales utilizados en una vulnerabilidad de comando SQL (\"Inyección SQL\") en Themeum Tutor LMS permite la inyección SQL. Este problema afecta a Tutor LMS: desde n/a hasta 2.1.10.",
      },
   ],
   id: "CVE-2023-25700",
   lastModified: "2024-11-21T07:49:57.897",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 9.8,
               baseSeverity: "CRITICAL",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 9.8,
               baseSeverity: "CRITICAL",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 5.9,
            source: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
            type: "Secondary",
         },
      ],
   },
   published: "2023-11-03T17:15:08.413",
   references: [
      {
         source: "audit@patchstack.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-1-10-unauthenticated-sql-injection-vulnerability?_s_id=cve",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-1-10-unauthenticated-sql-injection-vulnerability?_s_id=cve",
      },
   ],
   sourceIdentifier: "audit@patchstack.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-89",
            },
         ],
         source: "audit@patchstack.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-08-02 11:15
Modified
2024-11-21 05:53
Summary
The Tutor LMS – eLearning and online course solution WordPress plugin before 1.9.2 did not escape the Summary field of Announcements (when outputting it in an attribute), which can be created by users as low as Tutor Instructor. This lead to a Stored Cross-Site Scripting issue, which is triggered when viewing the Announcements list, and could result in privilege escalation when viewed by an admin.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "212A8F9E-E649-42E9-955C-73F4E3EF4A61",
                     versionEndExcluding: "1.9.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Tutor LMS – eLearning and online course solution WordPress plugin before 1.9.2 did not escape the Summary field of Announcements (when outputting it in an attribute), which can be created by users as low as Tutor Instructor. This lead to a Stored Cross-Site Scripting issue, which is triggered when viewing the Announcements list, and could result in privilege escalation when viewed by an admin.",
      },
      {
         lang: "es",
         value: "El plugin de WordPress Tutor LMS - eLearning and online course solution versiones anteriores a 1.9.2, no escapaba el campo Summary of Announcements (cuando lo mostraba en un atributo), que puede ser creado por usuarios tan bajos como Tutor Instructor. Esto conllevaba a un problema de tipo Cross-Site Scripting Almacenado, que se desencadena cuando se visualiza la lista de Anuncios, y podía resultar en una escalada de privilegios cuando era visualizada por un administrador",
      },
   ],
   id: "CVE-2021-24455",
   lastModified: "2024-11-21T05:53:06.363",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "LOW",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "SINGLE",
               availabilityImpact: "NONE",
               baseScore: 3.5,
               confidentialityImpact: "NONE",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 6.8,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.4,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "LOW",
               scope: "CHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.3,
            impactScore: 2.7,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-08-02T11:15:09.300",
   references: [
      {
         source: "contact@wpscan.com",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://wpscan.com/vulnerability/9ef14cf1-1e04-4125-a296-9aa5388612f9",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://wpscan.com/vulnerability/9ef14cf1-1e04-4125-a296-9aa5388612f9",
      },
   ],
   sourceIdentifier: "contact@wpscan.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-79",
            },
         ],
         source: "contact@wpscan.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-02-06 20:15
Modified
2024-11-21 07:36
Summary
The Tutor LMS WordPress plugin before 2.0.10 does not sanitise and escape the reset_key and user_id parameters before outputting then back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "1577C58F-361F-4933-91FE-F14201D68C08",
                     versionEndExcluding: "2.0.10",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Tutor LMS WordPress plugin before 2.0.10 does not sanitise and escape the reset_key and user_id parameters before outputting then back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin",
      },
   ],
   id: "CVE-2023-0236",
   lastModified: "2024-11-21T07:36:47.770",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.1,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 2.7,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-02-06T20:15:14.117",
   references: [
      {
         source: "contact@wpscan.com",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://wpscan.com/vulnerability/503835db-426d-4b49-85f7-c9a20d6ff5b8",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://wpscan.com/vulnerability/503835db-426d-4b49-85f7-c9a20d6ff5b8",
      },
   ],
   sourceIdentifier: "contact@wpscan.com",
   vulnStatus: "Modified",
}

Vulnerability from fkie_nvd
Published
2021-04-05 19:15
Modified
2024-11-21 05:52
Summary
The tutor_place_rating AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.7.7 was vulnerable to blind and time based SQL injections that could be exploited by students.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "7AD21F1B-94BF-4BD3-AF90-8D3310510363",
                     versionEndExcluding: "1.7.7",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The tutor_place_rating AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.7.7 was vulnerable to blind and time based SQL injections that could be exploited by students.",
      },
      {
         lang: "es",
         value: "La acción tutor_place_rating AJAX del plugin de WordPress Tutor LMS - eLearning and online course solution versiones anteriores a 1.7.7 era vulnerable a inyecciones SQL ciegas y basadas en tiempo que podían ser explotadas por los estudiantes",
      },
   ],
   id: "CVE-2021-24185",
   lastModified: "2024-11-21T05:52:33.003",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "SINGLE",
               availabilityImpact: "NONE",
               baseScore: 4,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N",
               version: "2.0",
            },
            exploitabilityScore: 8,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-04-05T19:15:16.640",
   references: [
      {
         source: "contact@wpscan.com",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://wpscan.com/vulnerability/0cba5349-e916-43f0-a1fe-62cf73e352a2",
      },
      {
         source: "contact@wpscan.com",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://wpscan.com/vulnerability/0cba5349-e916-43f0-a1fe-62cf73e352a2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
      },
   ],
   sourceIdentifier: "contact@wpscan.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-89",
            },
         ],
         source: "contact@wpscan.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-89",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-03-21 02:51
Modified
2025-01-15 18:34
Summary
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the tutor_delete_announcement() function in all versions up to, and including, 2.6.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete arbitrary posts.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "A615DCE6-67AC-4717-A274-E2001B0074BC",
                     versionEndExcluding: "2.6.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the tutor_delete_announcement() function in all versions up to, and including, 2.6.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete arbitrary posts.",
      },
      {
         lang: "es",
         value: "El complemento Tutor LMS – eLearning and online course solution para WordPress es vulnerable a la pérdida no autorizada de datos debido a una falta de verificación de capacidad en la función tutor_delete_announcement() en todas las versiones hasta la 2.6.1 incluida. Esto hace posible que atacantes autenticados, con acceso de nivel de suscriptor y superior, eliminen publicaciones arbitrarias.",
      },
   ],
   id: "CVE-2024-1502",
   lastModified: "2025-01-15T18:34:26.217",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 5.4,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "LOW",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 2.5,
            source: "security@wordfence.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 4.3,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "LOW",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 1.4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-03-21T02:51:43.110",
   references: [
      {
         source: "security@wordfence.com",
         tags: [
            "Product",
         ],
         url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3049105%40tutor&new=3049105%40tutor&sfp_email=&sfph_mail=",
      },
      {
         source: "security@wordfence.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/834c4ca9-7173-4c84-8287-9916ec72935d?source=cve",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Product",
         ],
         url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3049105%40tutor&new=3049105%40tutor&sfp_email=&sfph_mail=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/834c4ca9-7173-4c84-8287-9916ec72935d?source=cve",
      },
   ],
   sourceIdentifier: "security@wordfence.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-862",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-07-20 09:15
Modified
2025-02-03 15:36
Summary
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themeum Tutor LMS allows Stored XSS.This issue affects Tutor LMS: from n/a through 2.7.2.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "1EB20081-939F-4B43-A6AC-6A572C2DEBE0",
                     versionEndExcluding: "2.7.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themeum Tutor LMS allows Stored XSS.This issue affects Tutor LMS: from n/a through 2.7.2.",
      },
      {
         lang: "es",
         value: " Vulnerabilidad de neutralización incorrecta de la entrada durante la generación de páginas web (XSS o 'Cross-site Scripting') en Themeum Tutor LMS permite XSS almacenado. Este problema afecta a Tutor LMS: desde n/a hasta 2.7.2.",
      },
   ],
   id: "CVE-2024-37947",
   lastModified: "2025-02-03T15:36:35.497",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 5.9,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "HIGH",
               scope: "CHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
               version: "3.1",
            },
            exploitabilityScore: 1.7,
            impactScore: 3.7,
            source: "audit@patchstack.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 4.8,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "HIGH",
               scope: "CHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 1.7,
            impactScore: 2.7,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-07-20T09:15:06.693",
   references: [
      {
         source: "audit@patchstack.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-7-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-7-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
      },
   ],
   sourceIdentifier: "audit@patchstack.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-79",
            },
         ],
         source: "audit@patchstack.com",
         type: "Secondary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-03-13 16:15
Modified
2025-01-15 18:23
Summary
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to time-based SQL Injection via the question_id parameter in all versions up to, and including, 2.6.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber/student access or higher, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "A615DCE6-67AC-4717-A274-E2001B0074BC",
                     versionEndExcluding: "2.6.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to time-based SQL Injection via the question_id parameter in all versions up to, and including, 2.6.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for authenticated attackers, with subscriber/student access or higher, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.",
      },
      {
         lang: "es",
         value: "El complemento Tutor LMS – eLearning and online course solution para WordPress es vulnerable a la inyección SQL basada en tiempo a través del parámetro question_id en todas las versiones hasta la 2.6.1 incluida debido a un escape insuficiente en el parámetro proporcionado por el usuario y a la falta de preparación suficiente. en la consulta SQL existente. Esto hace posible que atacantes autenticados, con acceso de suscriptor/estudiante o superior, agreguen consultas SQL adicionales a consultas ya existentes que pueden usarse para extraer información confidencial de la base de datos.",
      },
   ],
   id: "CVE-2024-1751",
   lastModified: "2025-01-15T18:23:47.057",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "security@wordfence.com",
            type: "Primary",
         },
      ],
   },
   published: "2024-03-13T16:15:26.683",
   references: [
      {
         source: "security@wordfence.com",
         tags: [
            "Product",
         ],
         url: "https://plugins.trac.wordpress.org/browser/tutor/tags/2.6.1/classes/Utils.php#L4555",
      },
      {
         source: "security@wordfence.com",
         tags: [
            "Product",
         ],
         url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3049105%40tutor&new=3049105%40tutor&sfp_email=&sfph_mail=",
      },
      {
         source: "security@wordfence.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/f9cee379-79f8-4a60-b1bb-ccab1e954512?source=cve",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Product",
         ],
         url: "https://plugins.trac.wordpress.org/browser/tutor/tags/2.6.1/classes/Utils.php#L4555",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Product",
         ],
         url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3049105%40tutor&new=3049105%40tutor&sfp_email=&sfph_mail=",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/f9cee379-79f8-4a60-b1bb-ccab1e954512?source=cve",
      },
   ],
   sourceIdentifier: "security@wordfence.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-89",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-04-05 19:15
Modified
2024-11-21 05:52
Summary
The tutor_mark_answer_as_correct AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.7.7 was vulnerable to blind and time based SQL injections that could be exploited by students.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "7AD21F1B-94BF-4BD3-AF90-8D3310510363",
                     versionEndExcluding: "1.7.7",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The tutor_mark_answer_as_correct AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.7.7 was vulnerable to blind and time based SQL injections that could be exploited by students.",
      },
      {
         lang: "es",
         value: "La acción AJAX tutor_mark_answer_as_correct del plugin de WordPress Tutor LMS â€\" eLearning and online course solution versión anteriores a 1.7.7, era vulnerable a inyecciones SQL ciegas y basadas en tiempo que podrían ser explotadas por estudiantes",
      },
   ],
   id: "CVE-2021-24181",
   lastModified: "2024-11-21T05:52:32.513",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "SINGLE",
               availabilityImpact: "NONE",
               baseScore: 4,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N",
               version: "2.0",
            },
            exploitabilityScore: 8,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-04-05T19:15:16.390",
   references: [
      {
         source: "contact@wpscan.com",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://wpscan.com/vulnerability/d5a00322-7098-4f8d-8e5e-157b63449c17",
      },
      {
         source: "contact@wpscan.com",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://wpscan.com/vulnerability/d5a00322-7098-4f8d-8e5e-157b63449c17",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
      },
   ],
   sourceIdentifier: "contact@wpscan.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-89",
            },
         ],
         source: "contact@wpscan.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-89",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-11-21 11:15
Modified
2025-01-23 17:01
Summary
The Tutor LMS plugin for WordPress is vulnerable to SQL Injection via the ‘rating_filter’ parameter in all versions up to, and including, 2.7.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "7F6C5095-F4DD-4DD9-A77C-A0DD98FA2E05",
                     versionEndIncluding: "2.7.6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Tutor LMS plugin for WordPress is vulnerable to SQL Injection via the ‘rating_filter’ parameter in all versions up to, and including, 2.7.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.",
      },
      {
         lang: "es",
         value: "El complemento Tutor LMS para WordPress es vulnerable a la inyección SQL a través del parámetro 'rating_filter' en todas las versiones hasta la 2.7.6 incluida, debido a un escape insuficiente en el parámetro proporcionado por el usuario y a la falta de preparación suficiente en la consulta SQL existente. Esto permite que atacantes no autenticados agreguen consultas SQL adicionales a consultas ya existentes que se pueden usar para extraer información confidencial de la base de datos.",
      },
   ],
   id: "CVE-2024-10400",
   lastModified: "2025-01-23T17:01:14.073",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "security@wordfence.com",
            type: "Primary",
         },
      ],
   },
   published: "2024-11-21T11:15:16.297",
   references: [
      {
         source: "security@wordfence.com",
         tags: [
            "Patch",
         ],
         url: "https://plugins.trac.wordpress.org/changeset/3186319/tutor",
      },
      {
         source: "security@wordfence.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/bcf37d4e-e94a-4046-9949-c208e4e70197?source=cve",
      },
   ],
   sourceIdentifier: "security@wordfence.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-89",
            },
         ],
         source: "security@wordfence.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-10-17 12:15
Modified
2024-11-21 07:01
Summary
The Tutor LMS WordPress plugin before 2.0.10 does not escape some course parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                     matchCriteriaId: "1577C58F-361F-4933-91FE-F14201D68C08",
                     versionEndExcluding: "2.0.10",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Tutor LMS WordPress plugin before 2.0.10 does not escape some course parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)",
      },
      {
         lang: "es",
         value: "El plugin Tutor LMS de WordPress versiones anteriores a 2.0.10, no escapa a algunos parámetros del curso, lo que podría permitir a usuarios con altos privilegios, como el administrador, llevar a cabo ataques de tipo Cross-Site Scripting Almacenado, incluso cuando la capacidad unfiltered_html no está permitida (por ejemplo, en la configuración multisitio)",
      },
   ],
   id: "CVE-2022-2563",
   lastModified: "2024-11-21T07:01:15.347",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 4.8,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "HIGH",
               scope: "CHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 1.7,
            impactScore: 2.7,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-10-17T12:15:09.737",
   references: [
      {
         source: "contact@wpscan.com",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://wpscan.com/vulnerability/98cd761c-7527-4224-965d-d34472b5c19f",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://wpscan.com/vulnerability/98cd761c-7527-4224-965d-d34472b5c19f",
      },
   ],
   sourceIdentifier: "contact@wpscan.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-79",
            },
         ],
         source: "contact@wpscan.com",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2024-05-16 10:15
Modified
2025-01-22 18:23
Summary
The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on the 'authenticate' function in all versions up to, and including, 2.7.0. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to gain control of an existing administrator account.
Impacted products
Vendor Product Version
themeum tutor_lms *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:pro:wordpress:*:*",
                     matchCriteriaId: "887F64DA-F70D-4111-BE6A-4F908EB59A00",
                     versionEndExcluding: "2.7.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on the 'authenticate' function in all versions up to, and including, 2.7.0. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to gain control of an existing administrator account.",
      },
      {
         lang: "es",
         value: "El complemento Tutor LMS Pro para WordPress es vulnerable al acceso no autorizado a los datos, la modificación de los datos y la pérdida de datos debido a la falta de verificación de la función \"autenticación\" en todas las versiones hasta la 2.7.0 incluida. Esto permite que atacantes autenticados, con permisos de nivel de suscriptor o superior, obtengan el control de una cuenta de administrador existente.",
      },
   ],
   id: "CVE-2024-4351",
   lastModified: "2025-01-22T18:23:35.573",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "security@wordfence.com",
            type: "Primary",
         },
      ],
   },
   published: "2024-05-16T10:15:09.890",
   references: [
      {
         source: "security@wordfence.com",
         tags: [
            "Product",
         ],
         url: "https://www.themeum.com/product/tutor-lms/",
      },
      {
         source: "security@wordfence.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/59859583-49e5-4a80-8659-b9ca7ddc089d?source=cve",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Product",
         ],
         url: "https://www.themeum.com/product/tutor-lms/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/59859583-49e5-4a80-8659-b9ca7ddc089d?source=cve",
      },
   ],
   sourceIdentifier: "security@wordfence.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-862",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

cve-2021-25017
Vulnerability from cvelistv5
Published
2022-01-24 08:01
Modified
2024-08-03 19:49
Severity ?
Summary
The Tutor LMS WordPress plugin before 1.9.12 does not escape the search parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T19:49:14.592Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://wpscan.com/vulnerability/2d0c4872-a341-4974-926c-10b094a5d13c",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://plugins.trac.wordpress.org/changeset/2643821",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Tutor LMS – eLearning and online course solution",
               vendor: "Unknown",
               versions: [
                  {
                     lessThan: "1.9.12",
                     status: "affected",
                     version: "1.9.12",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Krzysztof Zając",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The Tutor LMS WordPress plugin before 1.9.12 does not escape the search parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-79",
                     description: "CWE-79 Cross-site Scripting (XSS)",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-01-24T08:01:11",
            orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            shortName: "WPScan",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://wpscan.com/vulnerability/2d0c4872-a341-4974-926c-10b094a5d13c",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://plugins.trac.wordpress.org/changeset/2643821",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "Tutor LMS < 1.9.12 - Reflected Cross-Site Scripting",
         x_generator: "WPScan CVE Generator",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "contact@wpscan.com",
               ID: "CVE-2021-25017",
               STATE: "PUBLIC",
               TITLE: "Tutor LMS < 1.9.12 - Reflected Cross-Site Scripting",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Tutor LMS – eLearning and online course solution",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "1.9.12",
                                          version_value: "1.9.12",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Unknown",
                     },
                  ],
               },
            },
            credit: [
               {
                  lang: "eng",
                  value: "Krzysztof Zając",
               },
            ],
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The Tutor LMS WordPress plugin before 1.9.12 does not escape the search parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting",
                  },
               ],
            },
            generator: "WPScan CVE Generator",
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-79 Cross-site Scripting (XSS)",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://wpscan.com/vulnerability/2d0c4872-a341-4974-926c-10b094a5d13c",
                     refsource: "MISC",
                     url: "https://wpscan.com/vulnerability/2d0c4872-a341-4974-926c-10b094a5d13c",
                  },
                  {
                     name: "https://plugins.trac.wordpress.org/changeset/2643821",
                     refsource: "CONFIRM",
                     url: "https://plugins.trac.wordpress.org/changeset/2643821",
                  },
               ],
            },
            source: {
               discovery: "EXTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
      assignerShortName: "WPScan",
      cveId: "CVE-2021-25017",
      datePublished: "2022-01-24T08:01:11",
      dateReserved: "2021-01-14T00:00:00",
      dateUpdated: "2024-08-03T19:49:14.592Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-4318
Vulnerability from cvelistv5
Published
2024-05-16 05:33
Modified
2024-08-01 20:40
Summary
The Tutor LMS plugin for WordPress is vulnerable to time-based SQL Injection via the ‘question_id’ parameter in versions up to, and including, 2.7.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Instructor-level permissions and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "tutor_lms",
                  vendor: "themeum",
                  versions: [
                     {
                        lessThanOrEqual: "2.7.0",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-4318",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-05-16T17:12:08.570168Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-06T19:48:25.852Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T20:40:46.476Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/9bbb3c65-f02c-4d6d-bd4e-b3232af5e21b?source=cve",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://plugins.trac.wordpress.org/browser/tutor/tags/2.7.0/classes/Utils.php#L4456",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://plugins.trac.wordpress.org/browser/tutor/tags/2.7.0/classes/Utils.php#L4575",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://plugins.trac.wordpress.org/changeset/3086489/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Tutor LMS – eLearning and online course solution",
               vendor: "themeum",
               versions: [
                  {
                     lessThanOrEqual: "2.7.0",
                     status: "affected",
                     version: "*",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "Thanh Nam Tran",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The Tutor LMS plugin for WordPress is vulnerable to time-based SQL Injection via the ‘question_id’ parameter in versions up to, and including, 2.7.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for authenticated attackers, with Instructor-level permissions and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
                     lang: "en",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-05-16T05:33:27.607Z",
            orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            shortName: "Wordfence",
         },
         references: [
            {
               url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/9bbb3c65-f02c-4d6d-bd4e-b3232af5e21b?source=cve",
            },
            {
               url: "https://plugins.trac.wordpress.org/browser/tutor/tags/2.7.0/classes/Utils.php#L4456",
            },
            {
               url: "https://plugins.trac.wordpress.org/browser/tutor/tags/2.7.0/classes/Utils.php#L4575",
            },
            {
               url: "https://plugins.trac.wordpress.org/changeset/3086489/",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-05-15T00:00:00.000+00:00",
               value: "Disclosed",
            },
         ],
         title: "Tutor LMS <= 2.7.0 - Authenticated (Instructor+) SQL Injection",
      },
   },
   cveMetadata: {
      assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
      assignerShortName: "Wordfence",
      cveId: "CVE-2024-4318",
      datePublished: "2024-05-16T05:33:27.607Z",
      dateReserved: "2024-04-29T17:07:39.420Z",
      dateUpdated: "2024-08-01T20:40:46.476Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-24873
Vulnerability from cvelistv5
Published
2021-11-23 19:16
Modified
2024-08-03 19:49
Severity ?
Summary
The Tutor LMS WordPress plugin before 1.9.11 does not sanitise and escape user input before outputting back in attributes in the Student Registration page, leading to a Reflected Cross-Site Scripting issue
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T19:49:13.471Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://wpscan.com/vulnerability/19980b57-1954-4a29-b2c2-43eadf758ed3",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://plugins.trac.wordpress.org/changeset/2615802/tutor",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Tutor LMS – eLearning and online course solution",
               vendor: "Unknown",
               versions: [
                  {
                     lessThan: "1.9.11",
                     status: "affected",
                     version: "1.9.11",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               value: "JrXnm",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The Tutor LMS WordPress plugin before 1.9.11 does not sanitise and escape user input before outputting back in attributes in the Student Registration page, leading to a Reflected Cross-Site Scripting issue",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-79",
                     description: "CWE-79 Cross-site Scripting (XSS)",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-11-23T19:16:14",
            orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            shortName: "WPScan",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://wpscan.com/vulnerability/19980b57-1954-4a29-b2c2-43eadf758ed3",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://plugins.trac.wordpress.org/changeset/2615802/tutor",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "Tutor LMS < 1.9.11 - Reflected Cross-Site Scripting",
         x_generator: "WPScan CVE Generator",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "contact@wpscan.com",
               ID: "CVE-2021-24873",
               STATE: "PUBLIC",
               TITLE: "Tutor LMS < 1.9.11 - Reflected Cross-Site Scripting",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Tutor LMS – eLearning and online course solution",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "1.9.11",
                                          version_value: "1.9.11",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Unknown",
                     },
                  ],
               },
            },
            credit: [
               {
                  lang: "eng",
                  value: "JrXnm",
               },
            ],
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The Tutor LMS WordPress plugin before 1.9.11 does not sanitise and escape user input before outputting back in attributes in the Student Registration page, leading to a Reflected Cross-Site Scripting issue",
                  },
               ],
            },
            generator: "WPScan CVE Generator",
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-79 Cross-site Scripting (XSS)",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://wpscan.com/vulnerability/19980b57-1954-4a29-b2c2-43eadf758ed3",
                     refsource: "MISC",
                     url: "https://wpscan.com/vulnerability/19980b57-1954-4a29-b2c2-43eadf758ed3",
                  },
                  {
                     name: "https://plugins.trac.wordpress.org/changeset/2615802/tutor",
                     refsource: "CONFIRM",
                     url: "https://plugins.trac.wordpress.org/changeset/2615802/tutor",
                  },
               ],
            },
            source: {
               discovery: "EXTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
      assignerShortName: "WPScan",
      cveId: "CVE-2021-24873",
      datePublished: "2021-11-23T19:16:14",
      dateReserved: "2021-01-14T00:00:00",
      dateUpdated: "2024-08-03T19:49:13.471Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-4351
Vulnerability from cvelistv5
Published
2024-05-16 09:32
Modified
2024-08-01 20:40
Summary
The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on the 'authenticate' function in all versions up to, and including, 2.7.0. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to gain control of an existing administrator account.
Impacted products
Vendor Product Version
themium Tutor LMS Pro Version: *    2.7.0
Create a notification for this product.
Show details on NVD website


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "tutor_lms",
                  vendor: "themeum",
                  versions: [
                     {
                        lessThanOrEqual: "2.7.0",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-4351",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-05-24T18:27:03.219634Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-04T17:53:49.918Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T20:40:46.463Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/59859583-49e5-4a80-8659-b9ca7ddc089d?source=cve",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.themeum.com/product/tutor-lms/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Tutor LMS Pro",
               vendor: "themium",
               versions: [
                  {
                     lessThanOrEqual: "2.7.0",
                     status: "affected",
                     version: "*",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "Villu Orav",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on the 'authenticate' function in all versions up to, and including, 2.7.0. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to gain control of an existing administrator account.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
                     lang: "en",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-05-16T09:32:11.196Z",
            orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            shortName: "Wordfence",
         },
         references: [
            {
               url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/59859583-49e5-4a80-8659-b9ca7ddc089d?source=cve",
            },
            {
               url: "https://www.themeum.com/product/tutor-lms/",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-05-15T00:00:00.000+00:00",
               value: "Disclosed",
            },
         ],
         title: "Tutor LMS Pro <= 2.7.0 - Missing Authorization to Privilege Escalation",
      },
   },
   cveMetadata: {
      assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
      assignerShortName: "Wordfence",
      cveId: "CVE-2024-4351",
      datePublished: "2024-05-16T09:32:11.196Z",
      dateReserved: "2024-04-30T15:42:23.426Z",
      dateUpdated: "2024-08-01T20:40:46.463Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-24181
Vulnerability from cvelistv5
Published
2021-04-05 18:27
Modified
2024-08-03 19:21
Severity ?
Summary
The tutor_mark_answer_as_correct AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.7.7 was vulnerable to blind and time based SQL injections that could be exploited by students.
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T19:21:18.715Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://wpscan.com/vulnerability/d5a00322-7098-4f8d-8e5e-157b63449c17",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Tutor LMS – eLearning and online course solution",
               vendor: "Unknown",
               versions: [
                  {
                     lessThan: "1.7.7",
                     status: "affected",
                     version: "1.7.7",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Chloe Chamberland",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The tutor_mark_answer_as_correct AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.7.7 was vulnerable to blind and time based SQL injections that could be exploited by students.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-89",
                     description: "CWE-89 SQL Injection",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-04-05T18:27:45",
            orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            shortName: "WPScan",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://wpscan.com/vulnerability/d5a00322-7098-4f8d-8e5e-157b63449c17",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         title: "Tutor LMS < 1.7.7 - SQL Injection via tutor_mark_answer_as_correct",
         x_generator: "WPScan CVE Generator",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "contact@wpscan.com",
               ID: "CVE-2021-24181",
               STATE: "PUBLIC",
               TITLE: "Tutor LMS < 1.7.7 - SQL Injection via tutor_mark_answer_as_correct",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Tutor LMS – eLearning and online course solution",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "1.7.7",
                                          version_value: "1.7.7",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Unknown",
                     },
                  ],
               },
            },
            credit: [
               {
                  lang: "eng",
                  value: "Chloe Chamberland",
               },
            ],
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The tutor_mark_answer_as_correct AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.7.7 was vulnerable to blind and time based SQL injections that could be exploited by students.",
                  },
               ],
            },
            generator: "WPScan CVE Generator",
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-89 SQL Injection",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://wpscan.com/vulnerability/d5a00322-7098-4f8d-8e5e-157b63449c17",
                     refsource: "CONFIRM",
                     url: "https://wpscan.com/vulnerability/d5a00322-7098-4f8d-8e5e-157b63449c17",
                  },
                  {
                     name: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
                     refsource: "MISC",
                     url: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
                  },
               ],
            },
            source: {
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
      assignerShortName: "WPScan",
      cveId: "CVE-2021-24181",
      datePublished: "2021-04-05T18:27:45",
      dateReserved: "2021-01-14T00:00:00",
      dateUpdated: "2024-08-03T19:21:18.715Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-25800
Vulnerability from cvelistv5
Published
2023-11-03 16:26
Modified
2024-09-05 18:29
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.2.0.
Impacted products
Vendor Product Version
Themeum Tutor LMS Version: n/a   <
Create a notification for this product.
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T11:32:12.655Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-1-10-multiple-student-sql-injection-vulnerability?_s_id=cve",
               },
            ],
            title: "CVE Program Container",
         },
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "tutor_lms",
                  vendor: "themeum",
                  versions: [
                     {
                        lessThanOrEqual: "2.2.0",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  cvssV3_1: {
                     attackComplexity: "LOW",
                     attackVector: "NETWORK",
                     availabilityImpact: "HIGH",
                     baseScore: 8.8,
                     baseSeverity: "HIGH",
                     confidentialityImpact: "HIGH",
                     integrityImpact: "HIGH",
                     privilegesRequired: "LOW",
                     scope: "UNCHANGED",
                     userInteraction: "NONE",
                     vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                     version: "3.1",
                  },
               },
               {
                  other: {
                     content: {
                        id: "CVE-2023-25800",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-09-05T18:28:29.658906Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-09-05T18:29:21.093Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://wordpress.org/plugins",
               defaultStatus: "unaffected",
               packageName: "tutor",
               product: "Tutor LMS",
               vendor: "Themeum",
               versions: [
                  {
                     changes: [
                        {
                           at: "2.2.1",
                           status: "unaffected",
                        },
                     ],
                     lessThanOrEqual: "2.2.0",
                     status: "affected",
                     version: "n/a",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Rafie Muhammad (Patchstack)",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection.<p>This issue affects Tutor LMS: from n/a through 2.2.0.</p>",
                  },
               ],
               value: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.2.0.\n\n",
            },
         ],
         impacts: [
            {
               capecId: "CAPEC-66",
               descriptions: [
                  {
                     lang: "en",
                     value: "CAPEC-66 SQL Injection",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-89",
                     description: "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-11-03T16:26:12.916Z",
            orgId: "21595511-bba5-4825-b968-b78d1f9984a3",
            shortName: "Patchstack",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
               ],
               url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-1-10-multiple-student-sql-injection-vulnerability?_s_id=cve",
            },
         ],
         solutions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Update to&nbsp;2.2.1 or a higher version.",
                  },
               ],
               value: "Update to 2.2.1 or a higher version.",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "WordPress Tutor LMS Plugin <= 2.2.0 is vulnerable to SQL Injection",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "21595511-bba5-4825-b968-b78d1f9984a3",
      assignerShortName: "Patchstack",
      cveId: "CVE-2023-25800",
      datePublished: "2023-11-03T16:26:12.916Z",
      dateReserved: "2023-02-15T12:11:10.695Z",
      dateUpdated: "2024-09-05T18:29:21.093Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-3553
Vulnerability from cvelistv5
Published
2024-05-02 16:52
Modified
2024-08-01 20:12
Summary
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the hide_notices function in all versions up to, and including, 2.6.2. This makes it possible for unauthenticated attackers to enable user registration on sites that may have it disabled.
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "tutor_lms",
                  vendor: "themeum",
                  versions: [
                     {
                        lessThanOrEqual: "2.6.2",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-3553",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-07-09T17:12:47.399558Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-07-09T17:13:36.439Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T20:12:07.680Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/f8d4029e-07b0-4ceb-ae6e-11a3f7416ebc?source=cve",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://plugins.trac.wordpress.org/changeset/3076302/tutor/tags/2.7.0/classes/User.php",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Tutor LMS – eLearning and online course solution",
               vendor: "themeum",
               versions: [
                  {
                     lessThanOrEqual: "2.6.2",
                     status: "affected",
                     version: "*",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "Mohamed Awad",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the hide_notices function in all versions up to, and including, 2.6.2. This makes it possible for unauthenticated attackers to enable user registration on sites that may have it disabled.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "CWE-862 Missing Authorization",
                     lang: "en",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-05-02T16:52:53.256Z",
            orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            shortName: "Wordfence",
         },
         references: [
            {
               url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/f8d4029e-07b0-4ceb-ae6e-11a3f7416ebc?source=cve",
            },
            {
               url: "https://plugins.trac.wordpress.org/changeset/3076302/tutor/tags/2.7.0/classes/User.php",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-04-26T00:00:00.000+00:00",
               value: "Disclosed",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
      assignerShortName: "Wordfence",
      cveId: "CVE-2024-3553",
      datePublished: "2024-05-02T16:52:53.256Z",
      dateReserved: "2024-04-09T20:47:28.586Z",
      dateUpdated: "2024-08-01T20:12:07.680Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-5438
Vulnerability from cvelistv5
Published
2024-06-07 12:33
Modified
2024-08-01 21:11
Summary
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.7.1 via the 'attempt_delete' function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Instructor-level access and above, to delete arbitrary quiz attempts.
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "tutor_lms",
                  vendor: "themeum",
                  versions: [
                     {
                        lessThanOrEqual: "2.7.1",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-5438",
                        options: [
                           {
                              Exploitation: "poc",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-06-10T11:10:49.433499Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-10T11:11:29.535Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T21:11:12.745Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/00ec14d4-d97b-40b1-b61b-05e911f49bb0?source=cve",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://plugins.trac.wordpress.org/browser/tutor/trunk/classes/Quiz.php#L1806",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://plugins.trac.wordpress.org/changeset/3098465/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Tutor LMS – eLearning and online course solution",
               vendor: "themeum",
               versions: [
                  {
                     lessThanOrEqual: "2.7.1",
                     status: "affected",
                     version: "*",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "Thanh Nam Tran",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.7.1 via the 'attempt_delete' function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Instructor-level access and above, to delete arbitrary quiz attempts.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  baseScore: 4.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "CWE-639 Authorization Bypass Through User-Controlled Key",
                     lang: "en",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-06-07T12:33:42.892Z",
            orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            shortName: "Wordfence",
         },
         references: [
            {
               url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/00ec14d4-d97b-40b1-b61b-05e911f49bb0?source=cve",
            },
            {
               url: "https://plugins.trac.wordpress.org/browser/tutor/trunk/classes/Quiz.php#L1806",
            },
            {
               url: "https://plugins.trac.wordpress.org/changeset/3098465/",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-06-06T00:00:00.000+00:00",
               value: "Disclosed",
            },
         ],
         title: "Tutor LMS – eLearning and online course solution <= 2.7.1 - Authenticated (Instructor+) Insecure Direct Object Reference to Arbitrary Quiz Attempt Deletion",
      },
   },
   cveMetadata: {
      assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
      assignerShortName: "Wordfence",
      cveId: "CVE-2024-5438",
      datePublished: "2024-06-07T12:33:42.892Z",
      dateReserved: "2024-05-28T16:56:50.600Z",
      dateUpdated: "2024-08-01T21:11:12.745Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-4902
Vulnerability from cvelistv5
Published
2024-06-07 04:33
Modified
2024-08-09 19:44
Summary
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to time-based SQL Injection via the ‘course_id’ parameter in all versions up to, and including, 2.7.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with admin access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T20:55:10.296Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/f00e8169-3b8f-44a0-9af2-e81777a913f8?source=cve",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://plugins.trac.wordpress.org/browser/tutor/tags/2.7.0/classes/Utils.php#L1936",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3098465%40tutor%2Ftrunk&old=3086489%40tutor%2Ftrunk&sfp_email=&sfph_mail=#file8",
               },
            ],
            title: "CVE Program Container",
         },
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                  ],
                  defaultStatus: "unaffected",
                  product: "tutor_lms",
                  vendor: "themeum",
                  versions: [
                     {
                        lessThanOrEqual: "2.7.1",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-4902",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-08-09T19:43:03.391351Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-08-09T19:44:13.254Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Tutor LMS – eLearning and online course solution",
               vendor: "themeum",
               versions: [
                  {
                     lessThanOrEqual: "2.7.1",
                     status: "affected",
                     version: "*",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "wesley",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to time-based SQL Injection via the ‘course_id’ parameter in all versions up to, and including, 2.7.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for authenticated attackers, with admin access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  baseScore: 7.2,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
                     lang: "en",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-06-07T04:33:25.127Z",
            orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            shortName: "Wordfence",
         },
         references: [
            {
               url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/f00e8169-3b8f-44a0-9af2-e81777a913f8?source=cve",
            },
            {
               url: "https://plugins.trac.wordpress.org/browser/tutor/tags/2.7.0/classes/Utils.php#L1936",
            },
            {
               url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3098465%40tutor%2Ftrunk&old=3086489%40tutor%2Ftrunk&sfp_email=&sfph_mail=#file8",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-06-06T15:55:08.000+00:00",
               value: "Disclosed",
            },
         ],
         title: "Tutor LMS – eLearning and online course solution <= 2.7.1 -Authenticated (Administrator+) SQL Injection",
      },
   },
   cveMetadata: {
      assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
      assignerShortName: "Wordfence",
      cveId: "CVE-2024-4902",
      datePublished: "2024-06-07T04:33:25.127Z",
      dateReserved: "2024-05-15T10:04:42.882Z",
      dateUpdated: "2024-08-09T19:44:13.254Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-37266
Vulnerability from cvelistv5
Published
2024-07-09 10:08
Modified
2024-08-02 03:50
Summary
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themeum Tutor LMS allows Path Traversal.This issue affects Tutor LMS: from n/a through 2.7.1.
Impacted products
Vendor Product Version
Themeum Tutor LMS Version: n/a   <
Create a notification for this product.
Show details on NVD website


{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-37266",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-07-09T13:56:03.845960Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-07-10T16:45:42.266Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T03:50:55.711Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-7-1-path-traversal-vulnerability?_s_id=cve",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://wordpress.org/plugins",
               defaultStatus: "unaffected",
               packageName: "tutor",
               product: "Tutor LMS",
               vendor: "Themeum",
               versions: [
                  {
                     changes: [
                        {
                           at: "2.7.2",
                           status: "unaffected",
                        },
                     ],
                     lessThanOrEqual: "2.7.1",
                     status: "affected",
                     version: "n/a",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "filime (Patchstack Alliance)",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themeum Tutor LMS allows Path Traversal.<p>This issue affects Tutor LMS: from n/a through 2.7.1.</p>",
                  },
               ],
               value: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themeum Tutor LMS allows Path Traversal.This issue affects Tutor LMS: from n/a through 2.7.1.",
            },
         ],
         impacts: [
            {
               capecId: "CAPEC-126",
               descriptions: [
                  {
                     lang: "en",
                     value: "CAPEC-126 Path Traversal",
                  },
               ],
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 4.9,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-22",
                     description: "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-07-09T10:08:37.139Z",
            orgId: "21595511-bba5-4825-b968-b78d1f9984a3",
            shortName: "Patchstack",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
               ],
               url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-7-1-path-traversal-vulnerability?_s_id=cve",
            },
         ],
         solutions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Update to 2.7.2 or a higher version.",
                  },
               ],
               value: "Update to 2.7.2 or a higher version.",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "WordPress Tutor LMS plugin <= 2.7.1 - Path Traversal vulnerability",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "21595511-bba5-4825-b968-b78d1f9984a3",
      assignerShortName: "Patchstack",
      cveId: "CVE-2024-37266",
      datePublished: "2024-07-09T10:08:37.139Z",
      dateReserved: "2024-06-04T16:46:57.742Z",
      dateUpdated: "2024-08-02T03:50:55.711Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-4805
Vulnerability from cvelistv5
Published
2023-10-16 19:39
Modified
2024-08-02 07:38
Severity ?
Summary
The Tutor LMS WordPress plugin before 2.3.0 does not sanitise and escape some of its settings, which could allow users such as subscriber to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
References
https://wpscan.com/vulnerability/1049e940-49b1-4236-bea2-c636f35c5647exploit, vdb-entry, technical-description
Impacted products
Vendor Product Version
Unknown Tutor LMS Version: 0   < 2.3.0
Create a notification for this product.
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T07:38:00.703Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "exploit",
                     "vdb-entry",
                     "technical-description",
                     "x_transferred",
                  ],
                  url: "https://wpscan.com/vulnerability/1049e940-49b1-4236-bea2-c636f35c5647",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://wordpress.org/plugins",
               defaultStatus: "unaffected",
               product: "Tutor LMS",
               vendor: "Unknown",
               versions: [
                  {
                     lessThan: "2.3.0",
                     status: "affected",
                     version: "0",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "emad-fazel",
            },
            {
               lang: "en",
               type: "coordinator",
               value: "WPScan",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The Tutor LMS WordPress plugin before 2.3.0 does not sanitise and escape some of its settings, which could allow users such as subscriber to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "CWE-79 Cross-Site Scripting (XSS)",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-10-16T19:39:06.867Z",
            orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            shortName: "WPScan",
         },
         references: [
            {
               tags: [
                  "exploit",
                  "vdb-entry",
                  "technical-description",
               ],
               url: "https://wpscan.com/vulnerability/1049e940-49b1-4236-bea2-c636f35c5647",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "Tutor LMS < 2.3.0 - Subscriber+ Stored Cross-Site Scripting",
         x_generator: {
            engine: "WPScan CVE Generator",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
      assignerShortName: "WPScan",
      cveId: "CVE-2023-4805",
      datePublished: "2023-10-16T19:39:06.867Z",
      dateReserved: "2023-09-06T16:20:45.716Z",
      dateUpdated: "2024-08-02T07:38:00.703Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-43231
Vulnerability from cvelistv5
Published
2024-08-12 21:04
Modified
2024-08-13 17:33
Summary
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themeum Tutor LMS allows Stored XSS.This issue affects Tutor LMS: from n/a through 2.7.3.
Impacted products
Vendor Product Version
Themeum Tutor LMS Version: n/a   <
Create a notification for this product.
Show details on NVD website


{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-43231",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-08-13T17:33:14.423613Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-08-13T17:33:26.136Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://wordpress.org/plugins",
               defaultStatus: "unaffected",
               packageName: "tutor",
               product: "Tutor LMS",
               vendor: "Themeum",
               versions: [
                  {
                     changes: [
                        {
                           at: "2.7.4",
                           status: "unaffected",
                        },
                     ],
                     lessThanOrEqual: "2.7.3",
                     status: "affected",
                     version: "n/a",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "justakazh (Patchstack Alliance)",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themeum Tutor LMS allows Stored XSS.<p>This issue affects Tutor LMS: from n/a through 2.7.3.</p>",
                  },
               ],
               value: "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themeum Tutor LMS allows Stored XSS.This issue affects Tutor LMS: from n/a through 2.7.3.",
            },
         ],
         impacts: [
            {
               capecId: "CAPEC-592",
               descriptions: [
                  {
                     lang: "en",
                     value: "CAPEC-592 Stored XSS",
                  },
               ],
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "LOW",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-79",
                     description: "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-08-12T21:04:07.481Z",
            orgId: "21595511-bba5-4825-b968-b78d1f9984a3",
            shortName: "Patchstack",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
               ],
               url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-7-3-cross-site-scripting-xss-vulnerability?_s_id=cve",
            },
         ],
         solutions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Update to 2.7.4 or a higher version.",
                  },
               ],
               value: "Update to 2.7.4 or a higher version.",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "WordPress Tutor LMS plugin <= 2.7.3 - Cross Site Scripting (XSS) vulnerability",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "21595511-bba5-4825-b968-b78d1f9984a3",
      assignerShortName: "Patchstack",
      cveId: "CVE-2024-43231",
      datePublished: "2024-08-12T21:04:07.481Z",
      dateReserved: "2024-08-09T09:20:16.409Z",
      dateUpdated: "2024-08-13T17:33:26.136Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-49829
Vulnerability from cvelistv5
Published
2023-12-15 15:30
Modified
2024-08-02 22:01
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeum Tutor LMS – eLearning and online course solution allows Stored XSS.This issue affects Tutor LMS – eLearning and online course solution: from n/a through 2.2.4.
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T22:01:26.162Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-2-4-cross-site-scripting-xss-vulnerability?_s_id=cve",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://wordpress.org/plugins",
               defaultStatus: "unaffected",
               packageName: "tutor",
               product: "Tutor LMS – eLearning and online course solution",
               vendor: "Themeum",
               versions: [
                  {
                     changes: [
                        {
                           at: "2.3.0",
                           status: "unaffected",
                        },
                     ],
                     lessThanOrEqual: "2.2.4",
                     status: "affected",
                     version: "n/a",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "emad (Patchstack Alliance)",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeum Tutor LMS – eLearning and online course solution allows Stored XSS.<p>This issue affects Tutor LMS – eLearning and online course solution: from n/a through 2.2.4.</p>",
                  },
               ],
               value: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeum Tutor LMS – eLearning and online course solution allows Stored XSS.This issue affects Tutor LMS – eLearning and online course solution: from n/a through 2.2.4.\n\n",
            },
         ],
         impacts: [
            {
               capecId: "CAPEC-592",
               descriptions: [
                  {
                     lang: "en",
                     value: "CAPEC-592 Stored XSS",
                  },
               ],
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 5.9,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "LOW",
                  privilegesRequired: "HIGH",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-79",
                     description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-12-15T15:30:36.144Z",
            orgId: "21595511-bba5-4825-b968-b78d1f9984a3",
            shortName: "Patchstack",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
               ],
               url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-2-4-cross-site-scripting-xss-vulnerability?_s_id=cve",
            },
         ],
         solutions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Update to&nbsp;2.3.0 or a higher version.",
                  },
               ],
               value: "Update to 2.3.0 or a higher version.",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "WordPress Tutor LMS Plugin <= 2.2.4 is vulnerable to Cross Site Scripting (XSS)",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "21595511-bba5-4825-b968-b78d1f9984a3",
      assignerShortName: "Patchstack",
      cveId: "CVE-2023-49829",
      datePublished: "2023-12-15T15:30:36.144Z",
      dateReserved: "2023-11-30T15:27:45.875Z",
      dateUpdated: "2024-08-02T22:01:26.162Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-10393
Vulnerability from cvelistv5
Published
2024-11-21 06:49
Modified
2024-11-21 14:44
Summary
The Tutor LMS plugin for WordPress is vulnerable to bypass to user registration in versions up to, and including, 2.7.6. This is due to a missing check for the 'users_can_register' option in the 'register_instructor' function. This makes it possible for unauthenticated attackers to register as the default role on the site, even if registration is disabled.
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:a:themeum:tutor_lms:-:*:*:*:*:wordpress:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "tutor_lms",
                  vendor: "themeum",
                  versions: [
                     {
                        lessThanOrEqual: "2.7.6",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-10393",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-21T14:43:24.916543Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-21T14:44:35.733Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Tutor LMS – eLearning and online course solution",
               vendor: "themeum",
               versions: [
                  {
                     lessThanOrEqual: "2.7.6",
                     status: "affected",
                     version: "*",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "AmrAwad",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The Tutor LMS plugin for WordPress is vulnerable to bypass to user registration in versions up to, and including, 2.7.6. This is due to a missing check for the 'users_can_register' option in the 'register_instructor' function. This makes it possible for unauthenticated attackers to register as the default role on the site, even if registration is disabled.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-284",
                     description: "CWE-284 Improper Access Control",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-11-21T06:49:54.320Z",
            orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            shortName: "Wordfence",
         },
         references: [
            {
               url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/bf8aa169-df51-46db-8c65-f1543d4f75f9?source=cve",
            },
            {
               url: "https://plugins.trac.wordpress.org/changeset/3186319/tutor",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-10-28T00:00:00.000+00:00",
               value: "Vendor Notified",
            },
            {
               lang: "en",
               time: "2024-11-20T00:00:00.000+00:00",
               value: "Disclosed",
            },
         ],
         title: "Tutor LMS <= 2.7.6 - User Registration Setting Bypass to Unauthorized User Registration",
      },
   },
   cveMetadata: {
      assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
      assignerShortName: "Wordfence",
      cveId: "CVE-2024-10393",
      datePublished: "2024-11-21T06:49:54.320Z",
      dateReserved: "2024-10-25T18:18:25.445Z",
      dateUpdated: "2024-11-21T14:44:35.733Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-3133
Vulnerability from cvelistv5
Published
2023-07-04 07:23
Modified
2024-11-21 15:05
Severity ?
Summary
The Tutor LMS WordPress plugin before 2.2.1 does not implement adequate permission checks for REST API endpoints, allowing unauthenticated attackers to access information from Lessons that should not be publicly available.
Impacted products
Vendor Product Version
Unknown Tutor LMS Version: 0   < 2.2.1
Create a notification for this product.
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T06:48:07.356Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "exploit",
                     "vdb-entry",
                     "technical-description",
                     "x_transferred",
                  ],
                  url: "https://wpscan.com/vulnerability/3b6969a7-5cbc-4e16-8f27-5dde481237f5",
               },
               {
                  tags: [
                     "patch",
                     "x_transferred",
                  ],
                  url: "https://plugins.trac.wordpress.org/browser/tutor/tags/2.2.0/classes/RestAPI.php#L253",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://wordpress.org/plugins/tutor/",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-3133",
                        options: [
                           {
                              Exploitation: "poc",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-21T15:05:12.157318Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-21T15:05:21.758Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://wordpress.org/plugins",
               defaultStatus: "unaffected",
               product: "Tutor LMS",
               vendor: "Unknown",
               versions: [
                  {
                     lessThan: "2.2.1",
                     status: "affected",
                     version: "0",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "A. S. M. Muhiminul Hasan",
            },
            {
               lang: "en",
               type: "coordinator",
               value: "WPScan",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The Tutor LMS WordPress plugin before 2.2.1 does not implement adequate permission checks for REST API endpoints, allowing unauthenticated attackers to access information from Lessons that should not be publicly available.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "CWE-639 Authorization Bypass Through User-Controlled Key",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-07-05T10:47:59.427Z",
            orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            shortName: "WPScan",
         },
         references: [
            {
               tags: [
                  "exploit",
                  "vdb-entry",
                  "technical-description",
               ],
               url: "https://wpscan.com/vulnerability/3b6969a7-5cbc-4e16-8f27-5dde481237f5",
            },
            {
               tags: [
                  "patch",
               ],
               url: "https://plugins.trac.wordpress.org/browser/tutor/tags/2.2.0/classes/RestAPI.php#L253",
            },
            {
               url: "https://wordpress.org/plugins/tutor/",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "Tutor LMS < 2.2.1 - Unauthenticated Access to Tutor LMS Lesson Resources via REST API",
         x_generator: {
            engine: "WPScan CVE Generator",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
      assignerShortName: "WPScan",
      cveId: "CVE-2023-3133",
      datePublished: "2023-07-04T07:23:24.882Z",
      dateReserved: "2023-06-06T20:09:27.235Z",
      dateUpdated: "2024-11-21T15:05:21.758Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-10400
Vulnerability from cvelistv5
Published
2024-11-21 07:35
Modified
2024-11-21 14:42
Summary
The Tutor LMS plugin for WordPress is vulnerable to SQL Injection via the ‘rating_filter’ parameter in all versions up to, and including, 2.7.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:a:themeum:tutor_lms:-:*:*:*:*:wordpress:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "tutor_lms",
                  vendor: "themeum",
                  versions: [
                     {
                        lessThanOrEqual: "2.76",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-10400",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-21T14:39:51.931258Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-21T14:42:16.859Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Tutor LMS – eLearning and online course solution",
               vendor: "themeum",
               versions: [
                  {
                     lessThanOrEqual: "2.7.6",
                     status: "affected",
                     version: "*",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "Michael Mazzolini",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The Tutor LMS plugin for WordPress is vulnerable to SQL Injection via the ‘rating_filter’ parameter in all versions up to, and including, 2.7.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-89",
                     description: "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-11-21T07:35:36.980Z",
            orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            shortName: "Wordfence",
         },
         references: [
            {
               url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/bcf37d4e-e94a-4046-9949-c208e4e70197?source=cve",
            },
            {
               url: "https://plugins.trac.wordpress.org/changeset/3186319/tutor",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-10-28T00:00:00.000+00:00",
               value: "Vendor Notified",
            },
            {
               lang: "en",
               time: "2024-11-20T00:00:00.000+00:00",
               value: "Disclosed",
            },
         ],
         title: "Tutor LMS <= 2.7.6 - Unauthenticated SQL Injection via rating_filter",
      },
   },
   cveMetadata: {
      assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
      assignerShortName: "Wordfence",
      cveId: "CVE-2024-10400",
      datePublished: "2024-11-21T07:35:36.980Z",
      dateReserved: "2024-10-25T20:59:34.234Z",
      dateUpdated: "2024-11-21T14:42:16.859Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-24184
Vulnerability from cvelistv5
Published
2021-04-05 18:27
Modified
2024-08-03 19:21
Severity ?
Summary
Several AJAX endpoints in the Tutor LMS – eLearning and online course solution WordPress plugin before 1.7.7 were unprotected, allowing students to modify course information and elevate their privileges among many other actions.
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T19:21:18.926Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://wpscan.com/vulnerability/5e85917c-7a58-49cb-b8b3-05aa18ffff3e",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Tutor LMS – eLearning and online course solution",
               vendor: "Unknown",
               versions: [
                  {
                     lessThan: "1.7.7",
                     status: "affected",
                     version: "1.7.7",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Chloe Chamberland",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "Several AJAX endpoints in the Tutor LMS – eLearning and online course solution WordPress plugin before 1.7.7 were unprotected, allowing students to modify course information and elevate their privileges among many other actions.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-862",
                     description: "CWE-862 Missing Authorization",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-04-05T18:27:45",
            orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            shortName: "WPScan",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://wpscan.com/vulnerability/5e85917c-7a58-49cb-b8b3-05aa18ffff3e",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         title: "Tutor LMS < 1.7.7 - Unprotected AJAX including Privilege Escalation",
         x_generator: "WPScan CVE Generator",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "contact@wpscan.com",
               ID: "CVE-2021-24184",
               STATE: "PUBLIC",
               TITLE: "Tutor LMS < 1.7.7 - Unprotected AJAX including Privilege Escalation",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Tutor LMS – eLearning and online course solution",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "1.7.7",
                                          version_value: "1.7.7",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Unknown",
                     },
                  ],
               },
            },
            credit: [
               {
                  lang: "eng",
                  value: "Chloe Chamberland",
               },
            ],
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Several AJAX endpoints in the Tutor LMS – eLearning and online course solution WordPress plugin before 1.7.7 were unprotected, allowing students to modify course information and elevate their privileges among many other actions.",
                  },
               ],
            },
            generator: "WPScan CVE Generator",
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-862 Missing Authorization",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
                     refsource: "MISC",
                     url: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
                  },
                  {
                     name: "https://wpscan.com/vulnerability/5e85917c-7a58-49cb-b8b3-05aa18ffff3e",
                     refsource: "CONFIRM",
                     url: "https://wpscan.com/vulnerability/5e85917c-7a58-49cb-b8b3-05aa18ffff3e",
                  },
               ],
            },
            source: {
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
      assignerShortName: "WPScan",
      cveId: "CVE-2021-24184",
      datePublished: "2021-04-05T18:27:45",
      dateReserved: "2021-01-14T00:00:00",
      dateUpdated: "2024-08-03T19:21:18.926Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-43282
Vulnerability from cvelistv5
Published
2024-08-18 21:39
Modified
2024-08-19 14:28
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.7.2.
Impacted products
Vendor Product Version
Themeum Tutor LMS Version: n/a   <
Create a notification for this product.
Show details on NVD website


{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-43282",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-08-19T14:27:56.896231Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-08-19T14:28:14.533Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://wordpress.org/plugins",
               defaultStatus: "unaffected",
               packageName: "tutor",
               product: "Tutor LMS",
               vendor: "Themeum",
               versions: [
                  {
                     changes: [
                        {
                           at: "2.7.3",
                           status: "unaffected",
                        },
                     ],
                     lessThanOrEqual: "2.7.2",
                     status: "affected",
                     version: "n/a",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "justakazh (Patchstack Alliance)",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS.<p>This issue affects Tutor LMS: from n/a through 2.7.2.</p>",
                  },
               ],
               value: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.7.2.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 7.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "HIGH",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-89",
                     description: "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-08-18T21:39:11.082Z",
            orgId: "21595511-bba5-4825-b968-b78d1f9984a3",
            shortName: "Patchstack",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
               ],
               url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-7-2-sql-injection-vulnerability?_s_id=cve",
            },
         ],
         solutions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Update to 2.7.3 or a higher version.",
                  },
               ],
               value: "Update to 2.7.3 or a higher version.",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "WordPress Tutor LMS plugin <= 2.7.2 - SQL Injection vulnerability",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "21595511-bba5-4825-b968-b78d1f9984a3",
      assignerShortName: "Patchstack",
      cveId: "CVE-2024-43282",
      datePublished: "2024-08-18T21:39:11.082Z",
      dateReserved: "2024-08-09T09:21:05.084Z",
      dateUpdated: "2024-08-19T14:28:14.533Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-24182
Vulnerability from cvelistv5
Published
2021-04-05 18:27
Modified
2024-08-03 19:21
Severity ?
Summary
The tutor_quiz_builder_get_answers_by_question AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that could be exploited by students.
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T19:21:18.774Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://wpscan.com/vulnerability/f74dfc52-46ba-41e3-994b-23115a22984f",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Tutor LMS – eLearning and online course solution",
               vendor: "Unknown",
               versions: [
                  {
                     lessThan: "1.8.3",
                     status: "affected",
                     version: "1.8.3",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Chloe Chamberland",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The tutor_quiz_builder_get_answers_by_question AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that could be exploited by students.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-89",
                     description: "CWE-89 SQL Injection",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-04-05T18:27:45",
            orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            shortName: "WPScan",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://wpscan.com/vulnerability/f74dfc52-46ba-41e3-994b-23115a22984f",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         title: "Tutor LMS < 1.8.3 - SQL Injection via tutor_quiz_builder_get_answers_by_question",
         x_generator: "WPScan CVE Generator",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "contact@wpscan.com",
               ID: "CVE-2021-24182",
               STATE: "PUBLIC",
               TITLE: "Tutor LMS < 1.8.3 - SQL Injection via tutor_quiz_builder_get_answers_by_question",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Tutor LMS – eLearning and online course solution",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "1.8.3",
                                          version_value: "1.8.3",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Unknown",
                     },
                  ],
               },
            },
            credit: [
               {
                  lang: "eng",
                  value: "Chloe Chamberland",
               },
            ],
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The tutor_quiz_builder_get_answers_by_question AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that could be exploited by students.",
                  },
               ],
            },
            generator: "WPScan CVE Generator",
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-89 SQL Injection",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
                     refsource: "MISC",
                     url: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
                  },
                  {
                     name: "https://wpscan.com/vulnerability/f74dfc52-46ba-41e3-994b-23115a22984f",
                     refsource: "CONFIRM",
                     url: "https://wpscan.com/vulnerability/f74dfc52-46ba-41e3-994b-23115a22984f",
                  },
               ],
            },
            source: {
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
      assignerShortName: "WPScan",
      cveId: "CVE-2021-24182",
      datePublished: "2021-04-05T18:27:45",
      dateReserved: "2021-01-14T00:00:00",
      dateUpdated: "2024-08-03T19:21:18.774Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-0236
Vulnerability from cvelistv5
Published
2023-02-06 19:59
Modified
2024-08-02 05:02
Severity ?
Summary
The Tutor LMS WordPress plugin before 2.0.10 does not sanitise and escape the reset_key and user_id parameters before outputting then back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin
References
https://wpscan.com/vulnerability/503835db-426d-4b49-85f7-c9a20d6ff5b8exploit, vdb-entry, technical-description
Impacted products
Vendor Product Version
Unknown Tutor LMS Version: 0   < 2.0.10
Create a notification for this product.
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T05:02:44.106Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "exploit",
                     "vdb-entry",
                     "technical-description",
                     "x_transferred",
                  ],
                  url: "https://wpscan.com/vulnerability/503835db-426d-4b49-85f7-c9a20d6ff5b8",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://wordpress.org/plugins",
               defaultStatus: "unaffected",
               product: "Tutor LMS",
               vendor: "Unknown",
               versions: [
                  {
                     lessThan: "2.0.10",
                     status: "affected",
                     version: "0",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "So Sakaguchi",
            },
            {
               lang: "en",
               type: "coordinator",
               value: "WPScan",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The Tutor LMS WordPress plugin before 2.0.10 does not sanitise and escape the reset_key and user_id parameters before outputting then back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "CWE-79 Cross-Site Scripting (XSS)",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-02-06T19:59:21.460Z",
            orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            shortName: "WPScan",
         },
         references: [
            {
               tags: [
                  "exploit",
                  "vdb-entry",
                  "technical-description",
               ],
               url: "https://wpscan.com/vulnerability/503835db-426d-4b49-85f7-c9a20d6ff5b8",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "Tutor LMS < 2.0.10 - Reflected Cross-Site Scripting",
         x_generator: {
            engine: "WPScan CVE Generator",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
      assignerShortName: "WPScan",
      cveId: "CVE-2023-0236",
      datePublished: "2023-02-06T19:59:21.460Z",
      dateReserved: "2023-01-12T11:40:16.049Z",
      dateUpdated: "2024-08-02T05:02:44.106Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-1128
Vulnerability from cvelistv5
Published
2024-02-20 18:56
Modified
2024-08-01 18:26
Summary
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to HTML Injection in all versions up to, and including, 2.6.0. This is due to insufficient sanitization of HTML input in the Q&A functionality. This makes it possible for authenticated attackers, with Student access and above, to inject arbitrary HTML onto a site, though it does not allow Cross-Site Scripting
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-1128",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-02-29T17:56:08.599731Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-04T17:59:46.845Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T18:26:30.434Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/22420c2d-788c-4577-ae54-7b48f6063f5d?source=cve",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://plugins.trac.wordpress.org/changeset/3037911/tutor/tags/2.6.1/classes/Q_and_A.php?old=2827221&old_path=tutor/trunk/classes/Q_and_A.php",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Tutor LMS – eLearning and online course solution",
               vendor: "themeum",
               versions: [
                  {
                     lessThanOrEqual: "2.6.0",
                     status: "affected",
                     version: "*",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "Pedro Paniago",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to HTML Injection in all versions up to, and including, 2.6.0. This is due to insufficient sanitization of HTML input in the Q&A functionality. This makes it possible for authenticated attackers, with Student access and above, to inject arbitrary HTML onto a site, though it does not allow Cross-Site Scripting",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')",
                     lang: "en",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-02-20T18:56:22.265Z",
            orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            shortName: "Wordfence",
         },
         references: [
            {
               url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/22420c2d-788c-4577-ae54-7b48f6063f5d?source=cve",
            },
            {
               url: "https://plugins.trac.wordpress.org/changeset/3037911/tutor/tags/2.6.1/classes/Q_and_A.php?old=2827221&old_path=tutor/trunk/classes/Q_and_A.php",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-02-20T00:00:00.000+00:00",
               value: "Disclosed",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
      assignerShortName: "Wordfence",
      cveId: "CVE-2024-1128",
      datePublished: "2024-02-20T18:56:22.265Z",
      dateReserved: "2024-01-31T14:46:41.826Z",
      dateUpdated: "2024-08-01T18:26:30.434Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-37256
Vulnerability from cvelistv5
Published
2024-07-09 09:02
Modified
2024-08-02 03:50
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.7.1.
Impacted products
Vendor Product Version
Themeum Tutor LMS Version: n/a   <
Create a notification for this product.
Show details on NVD website


{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-37256",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-07-15T21:18:24.861218Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-07-15T21:18:54.044Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T03:50:55.973Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-7-1-sql-injection-vulnerability?_s_id=cve",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://wordpress.org/plugins",
               defaultStatus: "unaffected",
               packageName: "tutor",
               product: "Tutor LMS",
               vendor: "Themeum",
               versions: [
                  {
                     changes: [
                        {
                           at: "2.7.2",
                           status: "unaffected",
                        },
                     ],
                     lessThanOrEqual: "2.7.1",
                     status: "affected",
                     version: "n/a",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "justakazh (Patchstack Alliance)",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS.<p>This issue affects Tutor LMS: from n/a through 2.7.1.</p>",
                  },
               ],
               value: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.7.1.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 7.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "HIGH",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-89",
                     description: "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-07-09T09:02:44.548Z",
            orgId: "21595511-bba5-4825-b968-b78d1f9984a3",
            shortName: "Patchstack",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
               ],
               url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-7-1-sql-injection-vulnerability?_s_id=cve",
            },
         ],
         solutions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Update to 2.7.2 or a higher version.",
                  },
               ],
               value: "Update to 2.7.2 or a higher version.",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "WordPress Tutor LMS plugin <= 2.7.1 - SQL Injection vulnerability",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "21595511-bba5-4825-b968-b78d1f9984a3",
      assignerShortName: "Patchstack",
      cveId: "CVE-2024-37256",
      datePublished: "2024-07-09T09:02:44.548Z",
      dateReserved: "2024-06-04T16:46:44.986Z",
      dateUpdated: "2024-08-02T03:50:55.973Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2022-2563
Vulnerability from cvelistv5
Published
2022-10-17 00:00
Modified
2024-08-03 00:39
Severity ?
Summary
The Tutor LMS WordPress plugin before 2.0.10 does not escape some course parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T00:39:08.066Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://wpscan.com/vulnerability/98cd761c-7527-4224-965d-d34472b5c19f",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Tutor LMS – eLearning and online course solution",
               vendor: "Unknown",
               versions: [
                  {
                     lessThan: "2.0.10",
                     status: "affected",
                     version: "2.0.10",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               value: "lucy",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The Tutor LMS WordPress plugin before 2.0.10 does not escape some course parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-79",
                     description: "CWE-79 Cross-Site Scripting (XSS)",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-10-17T00:00:00",
            orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            shortName: "WPScan",
         },
         references: [
            {
               url: "https://wpscan.com/vulnerability/98cd761c-7527-4224-965d-d34472b5c19f",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "Tutor LMS < 2.0.10 - Admin+ Stored Cross-Site Scripting",
         x_generator: "WPScan CVE Generator",
      },
   },
   cveMetadata: {
      assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
      assignerShortName: "WPScan",
      cveId: "CVE-2022-2563",
      datePublished: "2022-10-17T00:00:00",
      dateReserved: "2022-07-28T00:00:00",
      dateUpdated: "2024-08-03T00:39:08.066Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-8615
Vulnerability from cvelistv5
Published
2020-02-04 19:01
Modified
2024-08-04 10:03
Severity ?
Summary
A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker approving themselves as an instructor and performing other malicious actions (such as blocking legitimate instructors).
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T10:03:46.179Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://wpvulndb.com/vulnerabilities/10058",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.themeum.com/tutor-lms-updated-v1-5-3/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.getastra.com/blog/911/plugin-exploit/cross-site-request-forgery-in-tutor-lms-plugin/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.jinsonvarghese.com/cross-site-request-forgery-in-tutor-lms/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/156585/WordPress-Tutor-LMS-1.5.3-Cross-Site-Request-Forgery.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker approving themselves as an instructor and performing other malicious actions (such as blocking legitimate instructors).",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-03-02T17:06:16",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://wpvulndb.com/vulnerabilities/10058",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.themeum.com/tutor-lms-updated-v1-5-3/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.getastra.com/blog/911/plugin-exploit/cross-site-request-forgery-in-tutor-lms-plugin/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.jinsonvarghese.com/cross-site-request-forgery-in-tutor-lms/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://packetstormsecurity.com/files/156585/WordPress-Tutor-LMS-1.5.3-Cross-Site-Request-Forgery.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2020-8615",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker approving themselves as an instructor and performing other malicious actions (such as blocking legitimate instructors).",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://wpvulndb.com/vulnerabilities/10058",
                     refsource: "MISC",
                     url: "https://wpvulndb.com/vulnerabilities/10058",
                  },
                  {
                     name: "https://www.themeum.com/tutor-lms-updated-v1-5-3/",
                     refsource: "MISC",
                     url: "https://www.themeum.com/tutor-lms-updated-v1-5-3/",
                  },
                  {
                     name: "https://www.getastra.com/blog/911/plugin-exploit/cross-site-request-forgery-in-tutor-lms-plugin/",
                     refsource: "MISC",
                     url: "https://www.getastra.com/blog/911/plugin-exploit/cross-site-request-forgery-in-tutor-lms-plugin/",
                  },
                  {
                     name: "https://www.jinsonvarghese.com/cross-site-request-forgery-in-tutor-lms/",
                     refsource: "MISC",
                     url: "https://www.jinsonvarghese.com/cross-site-request-forgery-in-tutor-lms/",
                  },
                  {
                     name: "http://packetstormsecurity.com/files/156585/WordPress-Tutor-LMS-1.5.3-Cross-Site-Request-Forgery.html",
                     refsource: "MISC",
                     url: "http://packetstormsecurity.com/files/156585/WordPress-Tutor-LMS-1.5.3-Cross-Site-Request-Forgery.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2020-8615",
      datePublished: "2020-02-04T19:01:06",
      dateReserved: "2020-02-04T00:00:00",
      dateUpdated: "2024-08-04T10:03:46.179Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-25990
Vulnerability from cvelistv5
Published
2023-11-03 16:22
Modified
2024-09-05 18:28
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.1.10.
Impacted products
Vendor Product Version
Themeum Tutor LMS Version: n/a   <
Create a notification for this product.
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T11:39:06.362Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-1-10-multiple-tutor-instructor-sql-injection-vulnerability?_s_id=cve",
               },
            ],
            title: "CVE Program Container",
         },
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "tutor_lms",
                  vendor: "themeum",
                  versions: [
                     {
                        lessThanOrEqual: "2.1.10",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  cvssV3_1: {
                     attackComplexity: "LOW",
                     attackVector: "NETWORK",
                     availabilityImpact: "HIGH",
                     baseScore: 8.8,
                     baseSeverity: "HIGH",
                     confidentialityImpact: "HIGH",
                     integrityImpact: "HIGH",
                     privilegesRequired: "LOW",
                     scope: "UNCHANGED",
                     userInteraction: "NONE",
                     vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                     version: "3.1",
                  },
               },
               {
                  other: {
                     content: {
                        id: "CVE-2023-25990",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-09-05T18:25:46.963745Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-09-05T18:28:13.333Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://wordpress.org/plugins",
               defaultStatus: "unaffected",
               packageName: "tutor",
               product: "Tutor LMS",
               vendor: "Themeum",
               versions: [
                  {
                     changes: [
                        {
                           at: "2.2.0",
                           status: "unaffected",
                        },
                     ],
                     lessThanOrEqual: "2.1.10",
                     status: "affected",
                     version: "n/a",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Rafie Muhammad (Patchstack)",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection.<p>This issue affects Tutor LMS: from n/a through 2.1.10.</p>",
                  },
               ],
               value: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.1.10.\n\n",
            },
         ],
         impacts: [
            {
               capecId: "CAPEC-66",
               descriptions: [
                  {
                     lang: "en",
                     value: "CAPEC-66 SQL Injection",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-89",
                     description: "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-11-03T16:22:46.607Z",
            orgId: "21595511-bba5-4825-b968-b78d1f9984a3",
            shortName: "Patchstack",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
               ],
               url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-1-10-multiple-tutor-instructor-sql-injection-vulnerability?_s_id=cve",
            },
         ],
         solutions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Update to&nbsp;2.2.0 or a higher version.",
                  },
               ],
               value: "Update to 2.2.0 or a higher version.",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "WordPress Tutor LMS Plugin <= 2.1.10 is vulnerable to SQL Injection",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "21595511-bba5-4825-b968-b78d1f9984a3",
      assignerShortName: "Patchstack",
      cveId: "CVE-2023-25990",
      datePublished: "2023-11-03T16:22:46.607Z",
      dateReserved: "2023-02-17T13:47:16.259Z",
      dateUpdated: "2024-09-05T18:28:13.333Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-25799
Vulnerability from cvelistv5
Published
2024-06-11 09:15
Modified
2024-08-09 18:36
Summary
Missing Authorization vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.1.8.
Impacted products
Vendor Product Version
Themeum Tutor LMS Version: n/a   <
Create a notification for this product.
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T11:32:12.338Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-1-10-multiple-student-broken-access-control-vulnerability?_s_id=cve",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-25799",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-08-09T18:36:13.674263Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-08-09T18:36:31.119Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://wordpress.org/plugins",
               defaultStatus: "unaffected",
               packageName: "tutor",
               product: "Tutor LMS",
               vendor: "Themeum",
               versions: [
                  {
                     changes: [
                        {
                           at: "2.1.9",
                           status: "unaffected",
                        },
                     ],
                     lessThanOrEqual: "2.1.8",
                     status: "affected",
                     version: "n/a",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Rafie Muhammad (Patchstack)",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Missing Authorization vulnerability in Themeum Tutor LMS.<p>This issue affects Tutor LMS: from n/a through 2.1.8.</p>",
                  },
               ],
               value: "Missing Authorization vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.1.8.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.3,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "LOW",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-862",
                     description: "CWE-862 Missing Authorization",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-06-11T09:15:01.315Z",
            orgId: "21595511-bba5-4825-b968-b78d1f9984a3",
            shortName: "Patchstack",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
               ],
               url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-1-10-multiple-student-broken-access-control-vulnerability?_s_id=cve",
            },
         ],
         solutions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Update to 2.1.9 or a higher version.",
                  },
               ],
               value: "Update to 2.1.9 or a higher version.",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "WordPress Tutor LMS plugin <= 2.1.8 - Multiple Broken Access Control vulnerabilities",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "21595511-bba5-4825-b968-b78d1f9984a3",
      assignerShortName: "Patchstack",
      cveId: "CVE-2023-25799",
      datePublished: "2024-06-11T09:15:01.315Z",
      dateReserved: "2023-02-15T12:11:10.695Z",
      dateUpdated: "2024-08-09T18:36:31.119Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-1804
Vulnerability from cvelistv5
Published
2024-07-27 01:51
Modified
2024-08-01 18:48
Summary
The Tutor LMS – Migration Tool plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tutor_import_from_xml function in all versions up to, and including, 2.2.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to import courses.
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-1804",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-07-28T13:19:58.221567Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-07-28T13:20:03.518Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T18:48:22.025Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/0a49a22e-d54e-461d-83c2-8278494eac13?source=cve",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://plugins.trac.wordpress.org/browser/tutor-lms-migration-tool/trunk/classes/LPtoTutorMigration.php#L579",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Tutor LMS – Migration Tool",
               vendor: "themeum",
               versions: [
                  {
                     lessThanOrEqual: "2.2.0",
                     status: "affected",
                     version: "*",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "Francesco Carlucci",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The Tutor LMS – Migration Tool plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tutor_import_from_xml function in all versions up to, and including, 2.2.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to import courses.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  baseScore: 4.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-862",
                     description: "CWE-862 Missing Authorization",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-07-27T01:51:01.443Z",
            orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            shortName: "Wordfence",
         },
         references: [
            {
               url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/0a49a22e-d54e-461d-83c2-8278494eac13?source=cve",
            },
            {
               url: "https://plugins.trac.wordpress.org/browser/tutor-lms-migration-tool/trunk/classes/LPtoTutorMigration.php#L579",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-07-26T00:00:00.000+00:00",
               value: "Disclosed",
            },
         ],
         title: "Tutor LMS – Migration Tool <= 2.2.0 - Missing Authorization in tutor_import_from_xml",
      },
   },
   cveMetadata: {
      assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
      assignerShortName: "Wordfence",
      cveId: "CVE-2024-1804",
      datePublished: "2024-07-27T01:51:01.443Z",
      dateReserved: "2024-02-22T20:53:58.094Z",
      dateUpdated: "2024-08-01T18:48:22.025Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-4223
Vulnerability from cvelistv5
Published
2024-05-16 08:32
Modified
2024-08-01 20:33
Severity ?
Summary
The Tutor LMS plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to add, modify, or delete data.
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-4223",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-05-16T18:38:07.086210Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-04T17:53:27.397Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T20:33:52.989Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/ce4c4395-6d1a-4d5f-885f-383e5c44c0f8?source=cve",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://plugins.trac.wordpress.org/changeset/3086489/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Tutor LMS – eLearning and online course solution",
               vendor: "themeum",
               versions: [
                  {
                     lessThanOrEqual: "2.7.0",
                     status: "affected",
                     version: "*",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "Villu Orav",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The Tutor LMS plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to add, modify, or delete data.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  baseScore: 9.8,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "CWE-862 Missing Authorization",
                     lang: "en",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-05-16T08:32:50.538Z",
            orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            shortName: "Wordfence",
         },
         references: [
            {
               url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/ce4c4395-6d1a-4d5f-885f-383e5c44c0f8?source=cve",
            },
            {
               url: "https://plugins.trac.wordpress.org/changeset/3086489/",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-05-15T00:00:00.000+00:00",
               value: "Disclosed",
            },
         ],
         title: "Tutor LMS <= 2.7.0 - Missing Authorization",
      },
   },
   cveMetadata: {
      assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
      assignerShortName: "Wordfence",
      cveId: "CVE-2024-4223",
      datePublished: "2024-05-16T08:32:50.538Z",
      dateReserved: "2024-04-26T00:21:41.464Z",
      dateUpdated: "2024-08-01T20:33:52.989Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-4279
Vulnerability from cvelistv5
Published
2024-05-16 05:33
Modified
2024-08-01 20:33
Summary
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Reference to Arbitrary Course Deletion in versions up to, and including, 2.7.0 via the 'tutor_course_delete' function due to missing validation on a user controlled key. This can allow authenticated attackers, with Instructor-level permissions and above, to delete any course.
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "tutor_lms",
                  vendor: "themeum",
                  versions: [
                     {
                        lessThanOrEqual: "2.7.0",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-4279",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-05-16T16:03:02.435431Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-06T19:47:56.372Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T20:33:53.164Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/45d04643-e43a-4732-91bf-e4af7b622e33?source=cve",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://plugins.trac.wordpress.org/browser/tutor/trunk/classes/Course_List.php#L357",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://plugins.trac.wordpress.org/changeset/3086489/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Tutor LMS – eLearning and online course solution",
               vendor: "themeum",
               versions: [
                  {
                     lessThanOrEqual: "2.7.0",
                     status: "affected",
                     version: "*",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "Thanh Nam Tran",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Reference to Arbitrary Course Deletion in versions up to, and including, 2.7.0 via the 'tutor_course_delete' function due to missing validation on a user controlled key. This can allow authenticated attackers, with Instructor-level permissions and above, to delete any course.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "CWE-639 Authorization Bypass Through User-Controlled Key",
                     lang: "en",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-05-16T05:33:25.813Z",
            orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            shortName: "Wordfence",
         },
         references: [
            {
               url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/45d04643-e43a-4732-91bf-e4af7b622e33?source=cve",
            },
            {
               url: "https://plugins.trac.wordpress.org/browser/tutor/trunk/classes/Course_List.php#L357",
            },
            {
               url: "https://plugins.trac.wordpress.org/changeset/3086489/",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-05-15T00:00:00.000+00:00",
               value: "Disclosed",
            },
         ],
         title: "Tutor LMS – eLearning and online course solution <= 2.7.0 - Authenticated (Instructor+) Insecure Direct Object Reference to Arbitrary Course Deletion",
      },
   },
   cveMetadata: {
      assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
      assignerShortName: "Wordfence",
      cveId: "CVE-2024-4279",
      datePublished: "2024-05-16T05:33:25.813Z",
      dateReserved: "2024-04-26T21:54:28.341Z",
      dateUpdated: "2024-08-01T20:33:53.164Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-24455
Vulnerability from cvelistv5
Published
2021-08-02 10:32
Modified
2024-08-03 19:35
Severity ?
Summary
The Tutor LMS – eLearning and online course solution WordPress plugin before 1.9.2 did not escape the Summary field of Announcements (when outputting it in an attribute), which can be created by users as low as Tutor Instructor. This lead to a Stored Cross-Site Scripting issue, which is triggered when viewing the Announcements list, and could result in privilege escalation when viewed by an admin.
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T19:35:19.191Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://wpscan.com/vulnerability/9ef14cf1-1e04-4125-a296-9aa5388612f9",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Tutor LMS – eLearning and online course solution",
               vendor: "Unknown",
               versions: [
                  {
                     lessThan: "1.9.2",
                     status: "affected",
                     version: "1.9.2",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Phu Tran from techlabcorp.com",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The Tutor LMS – eLearning and online course solution WordPress plugin before 1.9.2 did not escape the Summary field of Announcements (when outputting it in an attribute), which can be created by users as low as Tutor Instructor. This lead to a Stored Cross-Site Scripting issue, which is triggered when viewing the Announcements list, and could result in privilege escalation when viewed by an admin.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-79",
                     description: "CWE-79 Cross-site Scripting (XSS)",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-08-02T10:32:01",
            orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            shortName: "WPScan",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://wpscan.com/vulnerability/9ef14cf1-1e04-4125-a296-9aa5388612f9",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         title: "Tutor LMS < 1.9.2 - Authenticated Stored Cross-Site Scripting (XSS)",
         x_generator: "WPScan CVE Generator",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "contact@wpscan.com",
               ID: "CVE-2021-24455",
               STATE: "PUBLIC",
               TITLE: "Tutor LMS < 1.9.2 - Authenticated Stored Cross-Site Scripting (XSS)",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Tutor LMS – eLearning and online course solution",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "1.9.2",
                                          version_value: "1.9.2",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Unknown",
                     },
                  ],
               },
            },
            credit: [
               {
                  lang: "eng",
                  value: "Phu Tran from techlabcorp.com",
               },
            ],
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The Tutor LMS – eLearning and online course solution WordPress plugin before 1.9.2 did not escape the Summary field of Announcements (when outputting it in an attribute), which can be created by users as low as Tutor Instructor. This lead to a Stored Cross-Site Scripting issue, which is triggered when viewing the Announcements list, and could result in privilege escalation when viewed by an admin.",
                  },
               ],
            },
            generator: "WPScan CVE Generator",
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-79 Cross-site Scripting (XSS)",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://wpscan.com/vulnerability/9ef14cf1-1e04-4125-a296-9aa5388612f9",
                     refsource: "MISC",
                     url: "https://wpscan.com/vulnerability/9ef14cf1-1e04-4125-a296-9aa5388612f9",
                  },
               ],
            },
            source: {
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
      assignerShortName: "WPScan",
      cveId: "CVE-2021-24455",
      datePublished: "2021-08-02T10:32:01",
      dateReserved: "2021-01-14T00:00:00",
      dateUpdated: "2024-08-03T19:35:19.191Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-3994
Vulnerability from cvelistv5
Published
2024-04-25 09:29
Modified
2024-08-01 20:26
Summary
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tutor_instructor_list' shortcode in all versions up to, and including, 2.6.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:a:wordpress:tutor_lms_elearning_and_online_course_solution:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "tutor_lms_elearning_and_online_course_solution",
                  vendor: "wordpress",
                  versions: [
                     {
                        status: "affected",
                        version: "-",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-3994",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-04-29T19:55:43.892914Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-04T17:32:35.467Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T20:26:57.212Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/324fc401-04ca-4707-8727-b8c3a66f7fd6?source=cve",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://plugins.trac.wordpress.org/changeset/3076302/tutor/tags/2.7.0/templates/shortcode/instructor-filter.php",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Tutor LMS – eLearning and online course solution",
               vendor: "themeum",
               versions: [
                  {
                     lessThanOrEqual: "2.6.2",
                     status: "affected",
                     version: "*",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "wesley",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tutor_instructor_list' shortcode in all versions up to, and including, 2.6.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
                     lang: "en",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-04-25T09:29:58.460Z",
            orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            shortName: "Wordfence",
         },
         references: [
            {
               url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/324fc401-04ca-4707-8727-b8c3a66f7fd6?source=cve",
            },
            {
               url: "https://plugins.trac.wordpress.org/changeset/3076302/tutor/tags/2.7.0/templates/shortcode/instructor-filter.php",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-04-24T00:00:00.000+00:00",
               value: "Disclosed",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
      assignerShortName: "Wordfence",
      cveId: "CVE-2024-3994",
      datePublished: "2024-04-25T09:29:58.460Z",
      dateReserved: "2024-04-19T14:29:46.312Z",
      dateUpdated: "2024-08-01T20:26:57.212Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-4352
Vulnerability from cvelistv5
Published
2024-05-16 09:32
Modified
2024-08-01 20:40
Summary
The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on the 'get_calendar_materials' function. The plugin is also vulnerable to SQL Injection via the ‘year’ parameter of that function due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Impacted products
Vendor Product Version
themium Tutor LMS Pro Version: *    2.7.0
Create a notification for this product.
Show details on NVD website


{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:a:themeum:tutor_lms_pro:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "tutor_lms_pro",
                  vendor: "themeum",
                  versions: [
                     {
                        lessThanOrEqual: "2.7.0",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-4352",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-05-16T17:38:49.585681Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-06T19:48:41.219Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T20:40:47.182Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/c647beda-cf73-4372-975f-a8c8ed05217f?source=cve",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.themeum.com/product/tutor-lms/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Tutor LMS Pro",
               vendor: "themium",
               versions: [
                  {
                     lessThanOrEqual: "2.7.0",
                     status: "affected",
                     version: "*",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "Villu Orav",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on the 'get_calendar_materials' function. The plugin is also vulnerable to SQL Injection via the ‘year’ parameter of that function due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for authenticated attackers, with subscriber-level permissions and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "CWE-862 Missing Authorization",
                     lang: "en",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-05-16T09:32:12.341Z",
            orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            shortName: "Wordfence",
         },
         references: [
            {
               url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/c647beda-cf73-4372-975f-a8c8ed05217f?source=cve",
            },
            {
               url: "https://www.themeum.com/product/tutor-lms/",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-05-15T00:00:00.000+00:00",
               value: "Disclosed",
            },
         ],
         title: "Tutor LMS Pro <= 2.7.0 - Missing Authorization to SQL Injection",
      },
   },
   cveMetadata: {
      assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
      assignerShortName: "Wordfence",
      cveId: "CVE-2024-4352",
      datePublished: "2024-05-16T09:32:12.341Z",
      dateReserved: "2024-04-30T15:46:27.864Z",
      dateUpdated: "2024-08-01T20:40:47.182Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-1133
Vulnerability from cvelistv5
Published
2024-02-20 18:56
Modified
2024-08-01 18:26
Summary
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized access of restricted Q&A content due to a missing capability check when interacting with questions in all versions up to, and including, 2.6.0. This makes it possible for authenticated attackers, with subscriber access or higher, to interact with questions in courses in which they are not enrolled including private courses.
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-1133",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-02-29T18:57:48.675077Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-04T17:59:36.612Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T18:26:30.481Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/e8a7c04a-1fa0-434d-8161-7a32cefb44c4?source=cve",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3037911%40tutor%2Ftrunk&old=3020286%40tutor%2Ftrunk&sfp_email=&sfph_mail=#file12",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Tutor LMS – eLearning and online course solution",
               vendor: "themeum",
               versions: [
                  {
                     lessThanOrEqual: "2.6.0",
                     status: "affected",
                     version: "*",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "Pedro Paniago",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized access of restricted Q&A content due to a missing capability check when interacting with questions in all versions up to, and including, 2.6.0. This makes it possible for authenticated attackers, with subscriber access or higher, to interact with questions in courses in which they are not enrolled including private courses.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  baseScore: 4.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "CWE-862 Missing Authorization",
                     lang: "en",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-02-20T18:56:49.287Z",
            orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            shortName: "Wordfence",
         },
         references: [
            {
               url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/e8a7c04a-1fa0-434d-8161-7a32cefb44c4?source=cve",
            },
            {
               url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3037911%40tutor%2Ftrunk&old=3020286%40tutor%2Ftrunk&sfp_email=&sfph_mail=#file12",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-02-20T00:00:00.000+00:00",
               value: "Disclosed",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
      assignerShortName: "Wordfence",
      cveId: "CVE-2024-1133",
      datePublished: "2024-02-20T18:56:49.287Z",
      dateReserved: "2024-01-31T17:33:00.570Z",
      dateUpdated: "2024-08-01T18:26:30.481Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-2919
Vulnerability from cvelistv5
Published
2024-09-10 09:30
Modified
2024-09-10 13:28
Summary
The Tutor LMS plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.7.4. This is due to missing or incorrect nonce validation on the 'addon_enable_disable' function. This makes it possible for unauthenticated attackers to enable or disable addons via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-2919",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-09-10T13:25:10.609619Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-09-10T13:28:13.746Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Tutor LMS – eLearning and online course solution",
               vendor: "themeum",
               versions: [
                  {
                     lessThanOrEqual: "2.7.4",
                     status: "affected",
                     version: "*",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "Ramuel Gall",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The Tutor LMS plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.7.4. This is due to missing or incorrect nonce validation on the 'addon_enable_disable' function. This makes it possible for unauthenticated attackers to enable or disable addons via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  baseScore: 4.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-352",
                     description: "CWE-352 Cross-Site Request Forgery (CSRF)",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-09-10T09:30:19.274Z",
            orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            shortName: "Wordfence",
         },
         references: [
            {
               url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/992abd72-2a8e-4bda-94c2-4a7f88487906?source=cve",
            },
            {
               url: "https://plugins.trac.wordpress.org/changeset/3148621/tutor/tags/2.7.5/classes/Ajax.php",
            },
            {
               url: "https://plugins.trac.wordpress.org/browser/tutor/trunk/classes/Ajax.php?rev=3128650#L506",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-09-09T00:00:00.000+00:00",
               value: "Disclosed",
            },
         ],
         title: "Tutor LMS <= 2.7.4 - Cross-Site Request Forgery via 'addon_enable_disable'",
      },
   },
   cveMetadata: {
      assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
      assignerShortName: "Wordfence",
      cveId: "CVE-2023-2919",
      datePublished: "2024-09-10T09:30:19.274Z",
      dateReserved: "2023-05-26T15:39:34.772Z",
      dateUpdated: "2024-09-10T13:28:13.746Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-1502
Vulnerability from cvelistv5
Published
2024-03-12 23:33
Modified
2024-08-01 19:24
Summary
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the tutor_delete_announcement() function in all versions up to, and including, 2.6.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete arbitrary posts.
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T18:40:21.314Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/834c4ca9-7173-4c84-8287-9916ec72935d?source=cve",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3049105%40tutor&new=3049105%40tutor&sfp_email=&sfph_mail=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-1502",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-08-01T19:24:09.747978Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-08-01T19:24:16.723Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Tutor LMS – eLearning and online course solution",
               vendor: "themeum",
               versions: [
                  {
                     lessThanOrEqual: "2.6.1",
                     status: "affected",
                     version: "*",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "Lucio Sá",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the tutor_delete_announcement() function in all versions up to, and including, 2.6.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete arbitrary posts.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "CWE-862 Missing Authorization",
                     lang: "en",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-03-12T23:33:50.040Z",
            orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            shortName: "Wordfence",
         },
         references: [
            {
               url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/834c4ca9-7173-4c84-8287-9916ec72935d?source=cve",
            },
            {
               url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3049105%40tutor&new=3049105%40tutor&sfp_email=&sfph_mail=",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-03-12T00:00:00.000+00:00",
               value: "Disclosed",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
      assignerShortName: "Wordfence",
      cveId: "CVE-2024-1502",
      datePublished: "2024-03-12T23:33:50.040Z",
      dateReserved: "2024-02-14T17:56:50.703Z",
      dateUpdated: "2024-08-01T19:24:16.723Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-24186
Vulnerability from cvelistv5
Published
2021-04-05 18:27
Modified
2024-08-03 19:21
Severity ?
Summary
The tutor_answering_quiz_question/get_answer_by_id function pair from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that could be exploited by students.
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T19:21:18.629Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://wpscan.com/vulnerability/5f5c0c6c-6f76-4366-b590-0aab557f8c60",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Tutor LMS – eLearning and online course solution",
               vendor: "Unknown",
               versions: [
                  {
                     lessThan: "1.8.3",
                     status: "affected",
                     version: "1.8.3",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Chloe Chamberland",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The tutor_answering_quiz_question/get_answer_by_id function pair from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that could be exploited by students.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-89",
                     description: "CWE-89 SQL Injection",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-04-05T18:27:45",
            orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            shortName: "WPScan",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://wpscan.com/vulnerability/5f5c0c6c-6f76-4366-b590-0aab557f8c60",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         title: "Tutor LMS < 1.8.3 - SQL Injection via tutor_answering_quiz_question/get_answer_by_id",
         x_generator: "WPScan CVE Generator",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "contact@wpscan.com",
               ID: "CVE-2021-24186",
               STATE: "PUBLIC",
               TITLE: "Tutor LMS < 1.8.3 - SQL Injection via tutor_answering_quiz_question/get_answer_by_id",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Tutor LMS – eLearning and online course solution",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "1.8.3",
                                          version_value: "1.8.3",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Unknown",
                     },
                  ],
               },
            },
            credit: [
               {
                  lang: "eng",
                  value: "Chloe Chamberland",
               },
            ],
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The tutor_answering_quiz_question/get_answer_by_id function pair from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that could be exploited by students.",
                  },
               ],
            },
            generator: "WPScan CVE Generator",
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-89 SQL Injection",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
                     refsource: "MISC",
                     url: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
                  },
                  {
                     name: "https://wpscan.com/vulnerability/5f5c0c6c-6f76-4366-b590-0aab557f8c60",
                     refsource: "CONFIRM",
                     url: "https://wpscan.com/vulnerability/5f5c0c6c-6f76-4366-b590-0aab557f8c60",
                  },
               ],
            },
            source: {
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
      assignerShortName: "WPScan",
      cveId: "CVE-2021-24186",
      datePublished: "2021-04-05T18:27:45",
      dateReserved: "2021-01-14T00:00:00",
      dateUpdated: "2024-08-03T19:21:18.629Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-24242
Vulnerability from cvelistv5
Published
2021-04-22 21:00
Modified
2024-08-03 19:21
Severity ?
Summary
The Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.8 is affected by a local file inclusion vulnerability through the maliciously constructed sub_page parameter of the plugin's Tools, allowing high privilege users to include any local php file
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T19:21:18.966Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://wpscan.com/vulnerability/20f3e63a-31d8-49a0-b4ef-209749feff5c",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Tutor LMS – eLearning and online course solution",
               vendor: "Themeum",
               versions: [
                  {
                     lessThan: "1.8.8",
                     status: "affected",
                     version: "1.8.8",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               value: "sasa",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.8 is affected by a local file inclusion vulnerability through the maliciously constructed sub_page parameter of the plugin's Tools, allowing high privilege users to include any local php file",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-22",
                     description: "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-04-22T21:00:51",
            orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            shortName: "WPScan",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://wpscan.com/vulnerability/20f3e63a-31d8-49a0-b4ef-209749feff5c",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         title: "Tutor LMS < 1.8.8 - Authenticated Local File Inclusion",
         x_generator: "WPScan CVE Generator",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "contact@wpscan.com",
               ID: "CVE-2021-24242",
               STATE: "PUBLIC",
               TITLE: "Tutor LMS < 1.8.8 - Authenticated Local File Inclusion",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Tutor LMS – eLearning and online course solution",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "1.8.8",
                                          version_value: "1.8.8",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Themeum",
                     },
                  ],
               },
            },
            credit: [
               {
                  lang: "eng",
                  value: "sasa",
               },
            ],
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.8 is affected by a local file inclusion vulnerability through the maliciously constructed sub_page parameter of the plugin's Tools, allowing high privilege users to include any local php file",
                  },
               ],
            },
            generator: "WPScan CVE Generator",
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://wpscan.com/vulnerability/20f3e63a-31d8-49a0-b4ef-209749feff5c",
                     refsource: "CONFIRM",
                     url: "https://wpscan.com/vulnerability/20f3e63a-31d8-49a0-b4ef-209749feff5c",
                  },
               ],
            },
            source: {
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
      assignerShortName: "WPScan",
      cveId: "CVE-2021-24242",
      datePublished: "2021-04-22T21:00:51",
      dateReserved: "2021-01-14T00:00:00",
      dateUpdated: "2024-08-03T19:21:18.966Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-1751
Vulnerability from cvelistv5
Published
2024-03-13 15:27
Modified
2024-08-09 20:17
Summary
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to time-based SQL Injection via the question_id parameter in all versions up to, and including, 2.6.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber/student access or higher, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T18:48:22.025Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/f9cee379-79f8-4a60-b1bb-ccab1e954512?source=cve",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://plugins.trac.wordpress.org/browser/tutor/tags/2.6.1/classes/Utils.php#L4555",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3049105%40tutor&new=3049105%40tutor&sfp_email=&sfph_mail=",
               },
            ],
            title: "CVE Program Container",
         },
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                  ],
                  defaultStatus: "unaffected",
                  product: "tutor_lms",
                  vendor: "themeum",
                  versions: [
                     {
                        lessThanOrEqual: "2.6.1",
                        status: "affected",
                        version: "0",
                        versionType: "semver",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-1751",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-03-13T18:39:00.909240Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-08-09T20:17:13.929Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Tutor LMS – eLearning and online course solution",
               vendor: "themeum",
               versions: [
                  {
                     lessThanOrEqual: "2.6.1",
                     status: "affected",
                     version: "*",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "Muhammad Hassham Nagori",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to time-based SQL Injection via the question_id parameter in all versions up to, and including, 2.6.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for authenticated attackers, with subscriber/student access or higher, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
                     lang: "en",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-03-13T15:27:26.103Z",
            orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            shortName: "Wordfence",
         },
         references: [
            {
               url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/f9cee379-79f8-4a60-b1bb-ccab1e954512?source=cve",
            },
            {
               url: "https://plugins.trac.wordpress.org/browser/tutor/tags/2.6.1/classes/Utils.php#L4555",
            },
            {
               url: "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3049105%40tutor&new=3049105%40tutor&sfp_email=&sfph_mail=",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-03-11T00:00:00.000+00:00",
               value: "Disclosed",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
      assignerShortName: "Wordfence",
      cveId: "CVE-2024-1751",
      datePublished: "2024-03-13T15:27:26.103Z",
      dateReserved: "2024-02-22T14:35:20.484Z",
      dateUpdated: "2024-08-09T20:17:13.929Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-39645
Vulnerability from cvelistv5
Published
2024-08-26 20:55
Modified
2024-08-27 13:48
Summary
Cross-Site Request Forgery (CSRF) vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.7.2.
Impacted products
Vendor Product Version
Themeum Tutor LMS Version: n/a   <
Create a notification for this product.
Show details on NVD website


{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-39645",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-08-27T13:31:39.214721Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-08-27T13:48:14.607Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://wordpress.org/plugins",
               defaultStatus: "unaffected",
               packageName: "tutor",
               product: "Tutor LMS",
               vendor: "Themeum",
               versions: [
                  {
                     changes: [
                        {
                           at: "2.7.3",
                           status: "unaffected",
                        },
                     ],
                     lessThanOrEqual: "2.7.2",
                     status: "affected",
                     version: "n/a",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Rafie Muhammad (Patchstack)",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Cross-Site Request Forgery (CSRF) vulnerability in Themeum Tutor LMS.<p>This issue affects Tutor LMS: from n/a through 2.7.2.</p>",
                  },
               ],
               value: "Cross-Site Request Forgery (CSRF) vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.7.2.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "LOW",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-352",
                     description: "CWE-352 Cross-Site Request Forgery (CSRF)",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-08-26T20:55:42.339Z",
            orgId: "21595511-bba5-4825-b968-b78d1f9984a3",
            shortName: "Patchstack",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
               ],
               url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-7-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
            },
         ],
         solutions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Update to 2.7.3 or a higher version.",
                  },
               ],
               value: "Update to 2.7.3 or a higher version.",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "WordPress Tutor LMS plugin <= 2.7.2 - Cross Site Request Forgery (CSRF) vulnerability",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "21595511-bba5-4825-b968-b78d1f9984a3",
      assignerShortName: "Patchstack",
      cveId: "CVE-2024-39645",
      datePublished: "2024-08-26T20:55:42.339Z",
      dateReserved: "2024-06-26T21:18:49.917Z",
      dateUpdated: "2024-08-27T13:48:14.607Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2023-25700
Vulnerability from cvelistv5
Published
2023-11-03 16:44
Modified
2024-09-05 18:44
Severity ?
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.1.10.
Impacted products
Vendor Product Version
Themeum Tutor LMS Version: n/a   <
Create a notification for this product.
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T11:32:11.424Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-1-10-unauthenticated-sql-injection-vulnerability?_s_id=cve",
               },
            ],
            title: "CVE Program Container",
         },
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "tutor_lms",
                  vendor: "themeum",
                  versions: [
                     {
                        lessThanOrEqual: "2.1.10",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  cvssV3_1: {
                     attackComplexity: "LOW",
                     attackVector: "NETWORK",
                     availabilityImpact: "HIGH",
                     baseScore: 9.8,
                     baseSeverity: "CRITICAL",
                     confidentialityImpact: "HIGH",
                     integrityImpact: "HIGH",
                     privilegesRequired: "NONE",
                     scope: "UNCHANGED",
                     userInteraction: "NONE",
                     vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                     version: "3.1",
                  },
               },
               {
                  other: {
                     content: {
                        id: "CVE-2023-25700",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-09-05T18:44:09.676699Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-09-05T18:44:50.270Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://wordpress.org/plugins",
               defaultStatus: "unaffected",
               packageName: "tutor",
               product: "Tutor LMS",
               vendor: "Themeum",
               versions: [
                  {
                     changes: [
                        {
                           at: "2.2.0",
                           status: "unaffected",
                        },
                     ],
                     lessThanOrEqual: "2.1.10",
                     status: "affected",
                     version: "n/a",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "Rafie Muhammad (Patchstack)",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection.<p>This issue affects Tutor LMS: from n/a through 2.1.10.</p>",
                  },
               ],
               value: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.1.10.\n\n",
            },
         ],
         impacts: [
            {
               capecId: "CAPEC-66",
               descriptions: [
                  {
                     lang: "en",
                     value: "CAPEC-66 SQL Injection",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-89",
                     description: "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-11-03T16:44:47.440Z",
            orgId: "21595511-bba5-4825-b968-b78d1f9984a3",
            shortName: "Patchstack",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
               ],
               url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-1-10-unauthenticated-sql-injection-vulnerability?_s_id=cve",
            },
         ],
         solutions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Update to&nbsp;2.2.0 or a higher version",
                  },
               ],
               value: "Update to 2.2.0 or a higher version",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "WordPress Tutor LMS Plugin <= 2.1.10 is vulnerable to SQL Injection",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "21595511-bba5-4825-b968-b78d1f9984a3",
      assignerShortName: "Patchstack",
      cveId: "CVE-2023-25700",
      datePublished: "2023-11-03T16:44:47.440Z",
      dateReserved: "2023-02-13T04:13:47.557Z",
      dateUpdated: "2024-09-05T18:44:50.270Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-1503
Vulnerability from cvelistv5
Published
2024-03-12 23:33
Modified
2024-08-02 20:13
Summary
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.1. This is due to missing or incorrect nonce validation on the erase_tutor_data() function. This makes it possible for unauthenticated attackers to deactivate the plugin and erase all data via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. This requires the "Erase upon uninstallation" option to be enabled.
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T18:40:21.180Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/050647a8-6743-46e4-b31c-0b5bd4a1007f?source=cve",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://plugins.trac.wordpress.org/browser/tutor/trunk/classes/Admin.php#L465",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-1503",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-08-02T20:13:27.379635Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-08-02T20:13:37.202Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Tutor LMS – eLearning and online course solution",
               vendor: "themeum",
               versions: [
                  {
                     lessThanOrEqual: "2.6.1",
                     status: "affected",
                     version: "*",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "Lucio Sá",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.1. This is due to missing or incorrect nonce validation on the erase_tutor_data() function. This makes it possible for unauthenticated attackers to deactivate the plugin and erase all data via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. This requires the \"Erase upon uninstallation\" option to be enabled.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  baseScore: 4.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "CWE-352 Cross-Site Request Forgery (CSRF)",
                     lang: "en",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-03-12T23:33:49.090Z",
            orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            shortName: "Wordfence",
         },
         references: [
            {
               url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/050647a8-6743-46e4-b31c-0b5bd4a1007f?source=cve",
            },
            {
               url: "https://plugins.trac.wordpress.org/browser/tutor/trunk/classes/Admin.php#L465",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-03-12T00:00:00.000+00:00",
               value: "Disclosed",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
      assignerShortName: "Wordfence",
      cveId: "CVE-2024-1503",
      datePublished: "2024-03-12T23:33:49.090Z",
      dateReserved: "2024-02-14T18:06:20.176Z",
      dateUpdated: "2024-08-02T20:13:37.202Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-24185
Vulnerability from cvelistv5
Published
2021-04-05 18:27
Modified
2024-08-03 19:21
Severity ?
Summary
The tutor_place_rating AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.7.7 was vulnerable to blind and time based SQL injections that could be exploited by students.
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T19:21:18.658Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://wpscan.com/vulnerability/0cba5349-e916-43f0-a1fe-62cf73e352a2",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Tutor LMS – eLearning and online course solution",
               vendor: "Unknown",
               versions: [
                  {
                     lessThan: "1.7.7",
                     status: "affected",
                     version: "1.7.7",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Chloe Chamberland",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The tutor_place_rating AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.7.7 was vulnerable to blind and time based SQL injections that could be exploited by students.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-89",
                     description: "CWE-89 SQL Injection",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-04-05T18:27:45",
            orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            shortName: "WPScan",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://wpscan.com/vulnerability/0cba5349-e916-43f0-a1fe-62cf73e352a2",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         title: "Tutor LMS < 1.7.7 - SQL Injection via tutor_place_rating",
         x_generator: "WPScan CVE Generator",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "contact@wpscan.com",
               ID: "CVE-2021-24185",
               STATE: "PUBLIC",
               TITLE: "Tutor LMS < 1.7.7 - SQL Injection via tutor_place_rating",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Tutor LMS – eLearning and online course solution",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "1.7.7",
                                          version_value: "1.7.7",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Unknown",
                     },
                  ],
               },
            },
            credit: [
               {
                  lang: "eng",
                  value: "Chloe Chamberland",
               },
            ],
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The tutor_place_rating AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.7.7 was vulnerable to blind and time based SQL injections that could be exploited by students.",
                  },
               ],
            },
            generator: "WPScan CVE Generator",
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-89 SQL Injection",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
                     refsource: "MISC",
                     url: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
                  },
                  {
                     name: "https://wpscan.com/vulnerability/0cba5349-e916-43f0-a1fe-62cf73e352a2",
                     refsource: "CONFIRM",
                     url: "https://wpscan.com/vulnerability/0cba5349-e916-43f0-a1fe-62cf73e352a2",
                  },
               ],
            },
            source: {
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
      assignerShortName: "WPScan",
      cveId: "CVE-2021-24185",
      datePublished: "2021-04-05T18:27:45",
      dateReserved: "2021-01-14T00:00:00",
      dateUpdated: "2024-08-03T19:21:18.658Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-37947
Vulnerability from cvelistv5
Published
2024-07-20 08:31
Modified
2024-08-02 04:04
Summary
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themeum Tutor LMS allows Stored XSS.This issue affects Tutor LMS: from n/a through 2.7.2.
Impacted products
Vendor Product Version
Themeum Tutor LMS Version: n/a   <
Create a notification for this product.
Show details on NVD website


{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-37947",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-07-22T19:13:42.951771Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-07-22T19:15:13.641Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T04:04:23.428Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-7-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               collectionURL: "https://wordpress.org/plugins",
               defaultStatus: "unaffected",
               packageName: "tutor",
               product: "Tutor LMS",
               vendor: "Themeum",
               versions: [
                  {
                     changes: [
                        {
                           at: "2.7.3",
                           status: "unaffected",
                        },
                     ],
                     lessThanOrEqual: "2.7.2",
                     status: "affected",
                     version: "n/a",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               user: "00000000-0000-4000-9000-000000000000",
               value: "justakazh (Patchstack Alliance)",
            },
         ],
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themeum Tutor LMS allows Stored XSS.<p>This issue affects Tutor LMS: from n/a through 2.7.2.</p>",
                  },
               ],
               value: "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themeum Tutor LMS allows Stored XSS.This issue affects Tutor LMS: from n/a through 2.7.2.",
            },
         ],
         impacts: [
            {
               capecId: "CAPEC-592",
               descriptions: [
                  {
                     lang: "en",
                     value: "CAPEC-592 Stored XSS",
                  },
               ],
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 5.9,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "LOW",
                  privilegesRequired: "HIGH",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-79",
                     description: "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-07-20T08:31:16.345Z",
            orgId: "21595511-bba5-4825-b968-b78d1f9984a3",
            shortName: "Patchstack",
         },
         references: [
            {
               tags: [
                  "vdb-entry",
               ],
               url: "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-7-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
            },
         ],
         solutions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Update to 2.7.3 or a higher version.",
                  },
               ],
               value: "Update to 2.7.3 or a higher version.",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "WordPress Tutor LMS plugin <= 2.7.2 - Cross Site Scripting (XSS) vulnerability",
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "21595511-bba5-4825-b968-b78d1f9984a3",
      assignerShortName: "Patchstack",
      cveId: "CVE-2024-37947",
      datePublished: "2024-07-20T08:31:16.345Z",
      dateReserved: "2024-06-10T21:14:27.201Z",
      dateUpdated: "2024-08-02T04:04:23.428Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-24740
Vulnerability from cvelistv5
Published
2021-10-18 13:46
Modified
2024-08-03 19:42
Severity ?
Summary
The Tutor LMS WordPress plugin before 1.9.9 does not escape some of its settings before outputting them in attributes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T19:42:16.648Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://wpscan.com/vulnerability/e6cf694d-c4ae-4b91-97c0-a6bdbafc7d60",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Tutor LMS – eLearning and online course solution",
               vendor: "Unknown",
               versions: [
                  {
                     lessThan: "1.9.9",
                     status: "affected",
                     version: "1.9.9",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Shivam Rai",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The Tutor LMS WordPress plugin before 1.9.9 does not escape some of its settings before outputting them in attributes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-79",
                     description: "CWE-79 Cross-site Scripting (XSS)",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-10-18T13:46:07",
            orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            shortName: "WPScan",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://wpscan.com/vulnerability/e6cf694d-c4ae-4b91-97c0-a6bdbafc7d60",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "Tutor LMS < 1.9.9 - Multiple Admin+ Stored Cross-Site Scripting",
         x_generator: "WPScan CVE Generator",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "contact@wpscan.com",
               ID: "CVE-2021-24740",
               STATE: "PUBLIC",
               TITLE: "Tutor LMS < 1.9.9 - Multiple Admin+ Stored Cross-Site Scripting",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Tutor LMS – eLearning and online course solution",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "1.9.9",
                                          version_value: "1.9.9",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Unknown",
                     },
                  ],
               },
            },
            credit: [
               {
                  lang: "eng",
                  value: "Shivam Rai",
               },
            ],
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The Tutor LMS WordPress plugin before 1.9.9 does not escape some of its settings before outputting them in attributes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.",
                  },
               ],
            },
            generator: "WPScan CVE Generator",
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-79 Cross-site Scripting (XSS)",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://wpscan.com/vulnerability/e6cf694d-c4ae-4b91-97c0-a6bdbafc7d60",
                     refsource: "MISC",
                     url: "https://wpscan.com/vulnerability/e6cf694d-c4ae-4b91-97c0-a6bdbafc7d60",
                  },
               ],
            },
            source: {
               discovery: "EXTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
      assignerShortName: "WPScan",
      cveId: "CVE-2021-24740",
      datePublished: "2021-10-18T13:46:07",
      dateReserved: "2021-01-14T00:00:00",
      dateUpdated: "2024-08-03T19:42:16.648Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-24183
Vulnerability from cvelistv5
Published
2021-04-05 18:27
Modified
2024-08-03 19:21
Severity ?
Summary
The tutor_quiz_builder_get_question_form AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that could be exploited by students.
Impacted products
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T19:21:18.708Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://wpscan.com/vulnerability/9b8da6b7-f1d6-4a7d-a621-4ca01e4b7496",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Tutor LMS – eLearning and online course solution",
               vendor: "Unknown",
               versions: [
                  {
                     lessThan: "1.8.3",
                     status: "affected",
                     version: "1.8.3",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Chloe Chamberland",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The tutor_quiz_builder_get_question_form AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that could be exploited by students.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-89",
                     description: "CWE-89 SQL Injection",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-04-05T18:27:45",
            orgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
            shortName: "WPScan",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://wpscan.com/vulnerability/9b8da6b7-f1d6-4a7d-a621-4ca01e4b7496",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         title: "Tutor LMS < 1.8.3 - SQL Injection via tutor_quiz_builder_get_question_form",
         x_generator: "WPScan CVE Generator",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "contact@wpscan.com",
               ID: "CVE-2021-24183",
               STATE: "PUBLIC",
               TITLE: "Tutor LMS < 1.8.3 - SQL Injection via tutor_quiz_builder_get_question_form",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Tutor LMS – eLearning and online course solution",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "1.8.3",
                                          version_value: "1.8.3",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Unknown",
                     },
                  ],
               },
            },
            credit: [
               {
                  lang: "eng",
                  value: "Chloe Chamberland",
               },
            ],
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The tutor_quiz_builder_get_question_form AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that could be exploited by students.",
                  },
               ],
            },
            generator: "WPScan CVE Generator",
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-89 SQL Injection",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
                     refsource: "MISC",
                     url: "https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/",
                  },
                  {
                     name: "https://wpscan.com/vulnerability/9b8da6b7-f1d6-4a7d-a621-4ca01e4b7496",
                     refsource: "CONFIRM",
                     url: "https://wpscan.com/vulnerability/9b8da6b7-f1d6-4a7d-a621-4ca01e4b7496",
                  },
               ],
            },
            source: {
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
      assignerShortName: "WPScan",
      cveId: "CVE-2021-24183",
      datePublished: "2021-04-05T18:27:45",
      dateReserved: "2021-01-14T00:00:00",
      dateUpdated: "2024-08-03T19:21:18.708Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-4222
Vulnerability from cvelistv5
Published
2024-05-16 09:32
Modified
2024-08-01 20:33
Summary
The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to add, modify, or delete user meta and plugin options.
Impacted products
Vendor Product Version
themium Tutor LMS Pro Version: *    2.7.0
Create a notification for this product.
Show details on NVD website


{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-4222",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-05-16T15:16:59.311251Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-04T17:53:29.676Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T20:33:53.068Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/942fffb6-2719-4b70-9759-21b2d50002c5?source=cve",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.themeum.com/product/tutor-lms/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Tutor LMS Pro",
               vendor: "themium",
               versions: [
                  {
                     lessThanOrEqual: "2.7.0",
                     status: "affected",
                     version: "*",
                     versionType: "semver",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "Villu Orav",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to add, modify, or delete user meta and plugin options.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  baseScore: 7.3,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "CWE-862 Missing Authorization",
                     lang: "en",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-05-16T09:32:11.833Z",
            orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            shortName: "Wordfence",
         },
         references: [
            {
               url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/942fffb6-2719-4b70-9759-21b2d50002c5?source=cve",
            },
            {
               url: "https://www.themeum.com/product/tutor-lms/",
            },
         ],
         timeline: [
            {
               lang: "en",
               time: "2024-05-15T00:00:00.000+00:00",
               value: "Disclosed",
            },
         ],
         title: "Tutor LMS Pro <= 2.7.0 - Missing Authorization",
      },
   },
   cveMetadata: {
      assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
      assignerShortName: "Wordfence",
      cveId: "CVE-2024-4222",
      datePublished: "2024-05-16T09:32:11.833Z",
      dateReserved: "2024-04-26T00:00:13.727Z",
      dateUpdated: "2024-08-01T20:33:53.068Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}