Vulnerabilities > Cluevo

DATE CVE VULNERABILITY TITLE RISK
2023-10-06 CVE-2023-40607 Cross-Site Request Forgery (CSRF) vulnerability in Cluevo Learning Management System
Cross-Site Request Forgery (CSRF) vulnerability in CLUEVO CLUEVO LMS, E-Learning Platform plugin <= 1.10.0 versions.
network
low complexity
cluevo CWE-352
8.8
2022-02-07 CVE-2021-25029 Cross-site Scripting vulnerability in Cluevo Learning Management System
The CLUEVO LMS, E-Learning Platform WordPress plugin before 1.8.1 does not sanitise and escape Course's module, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
network
cluevo CWE-79
3.5