Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

Tutor LMS — Vulnerabilities & Security Advisories 20

All 20 CVE vulnerabilities found in Tutor LMS, with AI-generated Chinese analysis, references, and POCs.

Vendor: Unknown

CVE IDTitleCVSSSeverityPaused
CVE-2026-40740 WordPress Tutor LMS plugin <= 3.9.7 - Broken Access Control vulnerability CWE-862 8.1 -2026-04-15
CVE-2025-32223 WordPress Tutor LMS plugin <= 3.9.4 - Insecure Direct Object References (IDOR) vulnerability CWE-639 8.1 -2026-03-19
CVE-2026-23799 WordPress Tutor LMS plugin <= 3.9.5 - Broken Access Control vulnerability CWE-862 6.5 Medium2026-03-05
CVE-2025-47555 WordPress Tutor LMS plugin <= 3.9.4 - Insecure Direct Object References (IDOR) vulnerability CWE-639 3.8 Low2026-01-22
CVE-2025-58993 WordPress Tutor LMS Plugin <= 3.7.4 - SQL Injection Vulnerability CWE-89 7.6 High2025-09-09
CVE-2025-32230 WordPress Tutor LMS plugin <= 3.4.0 - HTML Injection vulnerability CWE-80 4.3 Medium2025-04-10
CVE-2024-43142 WordPress Tutor LMS plugin <= 2.7.3 - Broken Access Control vulnerability CWE-862 4.3 Medium2024-11-01
CVE-2024-39645 WordPress Tutor LMS plugin <= 2.7.2 - Cross Site Request Forgery (CSRF) vulnerability CWE-352 5.4 Medium2024-08-26
CVE-2024-43282 WordPress Tutor LMS plugin <= 2.7.2 - SQL Injection vulnerability CWE-89 7.6 High2024-08-18
CVE-2024-43231 WordPress Tutor LMS plugin <= 2.7.3 - Cross Site Scripting (XSS) vulnerability CWE-79 6.5 Medium2024-08-12
CVE-2024-37947 WordPress Tutor LMS plugin <= 2.7.2 - Cross Site Scripting (XSS) vulnerability CWE-79 5.9 Medium2024-07-20
CVE-2024-37266 WordPress Tutor LMS plugin <= 2.7.1 - Path Traversal vulnerability CWE-22 4.9 Medium2024-07-09
CVE-2024-37256 WordPress Tutor LMS plugin <= 2.7.1 - SQL Injection vulnerability CWE-89 7.6 High2024-07-09
CVE-2023-25799 WordPress Tutor LMS plugin <= 2.1.8 - Multiple Broken Access Control vulnerabilities CWE-862 8.3 High2024-06-11
CVE-2023-25700 WordPress Tutor LMS Plugin <= 2.1.10 is vulnerable to SQL Injection CWE-89 8.8 -2023-11-03
CVE-2023-25800 WordPress Tutor LMS Plugin <= 2.2.0 is vulnerable to SQL Injection CWE-89 8.8 -2023-11-03
CVE-2023-25990 WordPress Tutor LMS Plugin <= 2.1.10 is vulnerable to SQL Injection CWE-89 8.8 -2023-11-03
CVE-2023-4805 Tutor LMS < 2.3.0 - Subscriber+ Stored Cross-Site Scripting 5.4 -2023-10-16
CVE-2023-3133 Tutor LMS < 2.2.1 - Unauthenticated Access to Tutor LMS Lesson Resources via REST API 5.3 -2023-07-04
CVE-2023-0236 Tutor LMS < 2.0.10 - Reflected Cross-Site Scripting 6.1 -2023-02-06

All 20 known CVE vulnerabilities affecting Tutor LMS with full Chinese analysis, references, and POCs where available.