Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 80 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-13679 Tutor LMS <= 3.9.3 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure via tutor_order_details themeumTutor LMS – eLearning and online course solution Medium 6.5 2026-01-08 07:04:13 Deep Dive
CVE-2025-63042 WordPress Tutor LMS Elementor Addons plugin <= 3.0.1 - Cross Site Scripting (XSS) vulnerability ThemeumTutor LMS Elementor Addons--2025-12-09 14:52:31 Deep Dive
CVE-2025-6639 Tutor LMS Pro – eLearning and online course solution <= 3.8.3 - Authenticated (Subscriber+) Insecure Direct Object Reference to View/Edit Other Assignments themeumTutor LMS Pro Medium 5.4 2025-10-25 05:31:22 Deep Dive
CVE-2025-11564 Tutor LMS – eLearning and online course solution <= 3.8.3 - Missing Authorization to Unauthenticated Payment Status Update themeumTutor LMS – eLearning and online course solution Medium 5.3 2025-10-25 05:31:20 Deep Dive
CVE-2025-6680 Tutor LMS <= 3.8.3 - Missing Authorization to Sensitive Information Exposure themeumTutor LMS – eLearning and online course solution Medium 4.3 2025-10-25 05:31:19 Deep Dive
CVE-2025-58249 WordPress Qubely Plugin <= 1.8.14 - Sensitive Data Exposure Vulnerability ThemeumQubely Medium 4.3 2025-09-22 18:23:30 Deep Dive
CVE-2025-58663 WordPress Qubely Plugin <= 1.8.14 - Broken Access Control Vulnerability ThemeumQubely Medium 4.3 2025-09-22 18:23:00 Deep Dive
CVE-2025-58993 WordPress Tutor LMS Plugin <= 3.7.4 - SQL Injection Vulnerability ThemeumTutor LMS High 7.6 2025-09-09 16:33:07 Deep Dive
CVE-2025-6184 Tutor LMS Pro – eLearning and online course solution <= 3.7.0 - Authenticated (Tutor Instructor+) SQL Injection themeumTutor LMS Pro High 8.8 2025-08-13 06:39:50 Deep Dive
CVE-2025-32230 WordPress Tutor LMS plugin <= 3.4.0 - HTML Injection vulnerability ThemeumTutor LMS Medium 4.3 2025-04-10 08:09:46 Deep Dive
CVE-2025-31892 WordPress WP Crowdfunding plugin <= 2.1.15 - Cross Site Scripting (XSS) vulnerability ThemeumWP Crowdfunding Medium 6.5 2025-04-01 14:52:22 Deep Dive
CVE-2025-1508 WP Crowdfunding <= 2.1.14 - Missing Authorization to Authenticated (Subscriber+) Post Content Download themeumWP Crowdfunding Medium 5.3 2025-03-12 03:21:28 Deep Dive
CVE-2024-13228 Qubely – Advanced Gutenberg Blocks <= 1.8.13 - Authenticated (Contributor+) Sensitive Information Exposure via qubely_get_content themeumQubely – Advanced Gutenberg Blocks Medium 4.3 2025-03-11 07:05:17 Deep Dive
CVE-2025-26767 WordPress Qubely plugin <= 1.8.12 - Cross Site Scripting (XSS) vulnerability ThemeumQubely Medium 6.5 2025-02-16 22:17:19 Deep Dive
CVE-2024-9601 Qubely – Advanced Gutenberg Blocks <= 1.8.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'align' and 'UniqueID' themeumQubely – Advanced Gutenberg Blocks Medium 6.5 2025-02-14 06:40:12 Deep Dive
CVE-2024-54282 WordPress WP Mega Menu plugin <= 1.4.2 - PHP Object Injection vulnerability ThemeumWP Mega Menu High 7.2 2024-12-13 14:25:01 Deep Dive
CVE-2023-41870 WordPress WP Crowdfunding plugin <= 2.1.5 - Broken Access Control vulnerability ThemeumWP Crowdfunding Medium 4.3 2024-12-13 14:24:23 Deep Dive
CVE-2024-11910 WP Crowdfunding <= 2.1.15 - Authenticated (Contributor+) Stored Cross-Site Scripting themeumWP Crowdfunding Medium 6.4 2024-12-13 08:24:51 Deep Dive
CVE-2024-11911 WP Crowdfunding <= 2.1.12 - Missing Authorization to Authenticated (Subscriber+) WooCommerce Installation themeumWP Crowdfunding Medium 4.3 2024-12-13 08:24:50 Deep Dive
CVE-2024-53816 WordPress Tutor LMS Elementor Addons plugin <= 2.1.5 - Broken Access Control vulnerability ThemeumTutor LMS Elementor Addons Medium 4.3 2024-12-09 12:59:40 Deep Dive