Vulnerabilities > Themeum > Tutor LMS > 2.7.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-10 | CVE-2023-2919 | Cross-Site Request Forgery (CSRF) vulnerability in Themeum Tutor LMS The Tutor LMS plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.7.4. | 4.3 |
| 2024-08-26 | CVE-2024-39645 | Cross-Site Request Forgery (CSRF) vulnerability in Themeum Tutor LMS Cross-Site Request Forgery (CSRF) vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.7.2. | 8.8 |
| 2024-08-18 | CVE-2024-43282 | SQL Injection vulnerability in Themeum Tutor LMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.7.2. | 7.2 |
| 2024-08-12 | CVE-2024-43231 | Cross-site Scripting vulnerability in Themeum Tutor LMS Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themeum Tutor LMS allows Stored XSS.This issue affects Tutor LMS: from n/a through 2.7.3. | 5.4 |
| 2024-07-20 | CVE-2024-37947 | Unspecified vulnerability in Themeum Tutor LMS Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themeum Tutor LMS allows Stored XSS.This issue affects Tutor LMS: from n/a through 2.7.2. | 4.8 |