RSS   Vulnerabilities for 'Tutor lms'   RSS

2021-11-23
 
CVE-2021-24873

CWE-79
 

 
The Tutor LMS WordPress plugin before 1.9.11 does not sanitise and escape user input before outputting back in attributes in the Student Registration page, leading to a Reflected Cross-Site Scripting issue

 
2021-10-18
 
CVE-2021-24740

CWE-79
 

 
The Tutor LMS WordPress plugin before 1.9.9 does not escape some of its settings before outputting them in attributes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

 
2021-08-02
 
CVE-2021-24455

CWE-79
 

 

 
2021-04-22
 
CVE-2021-24242

CWE-22
 

 

 
2021-04-05
 
CVE-2021-24186

CWE-89
 

 

 
 
CVE-2021-24185

CWE-89
 

 

 
 
CVE-2021-24184

CWE-269
 

 

 
 
CVE-2021-24183

CWE-89
 

 

 
 
CVE-2021-24182

CWE-89
 

 

 
 
CVE-2021-24181

CWE-89
 

 

 


Copyright 2021, cxsecurity.com

 

Back to Top