Vulnerabilities > Themeum > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-03 | CVE-2023-25800 | SQL Injection vulnerability in Themeum Tutor LMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.2.0. | 8.8 |
| 2023-11-03 | CVE-2023-25990 | Unspecified vulnerability in Themeum Tutor LMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.1.10. | 8.8 |
| 2023-08-07 | CVE-2021-24916 | Unspecified vulnerability in Themeum Qubely The Qubely WordPress plugin before 1.8.6 allows unauthenticated user to send arbitrary e-mails to arbitrary addresses via the qubely_send_form_data AJAX action. | 7.5 |
| 2023-07-04 | CVE-2023-3133 | Unspecified vulnerability in Themeum Tutor LMS The Tutor LMS WordPress plugin before 2.2.1 does not implement adequate permission checks for REST API endpoints, allowing unauthenticated attackers to access information from Lessons that should not be publicly available. | 7.5 |
| 2021-04-05 | CVE-2021-24184 | Unspecified vulnerability in Themeum Tutor LMS Several AJAX endpoints in the Tutor LMS – eLearning and online course solution WordPress plugin before 1.7.7 were unprotected, allowing students to modify course information and elevate their privileges among many other actions. | 8.8 |