CVE-2024-3994 | Tutor LMS Plugin up to 2.6.2 on WordPress Shortcode tutor_instructor_list cross site scripting

Inserito da Angelo Barbosa | Apr 25, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in Tutor LMS Plugin up to 2.6.2 on WordPress. Affected by this issue is the function tutor_instructor_list of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is handled as CVE-2024-3994. The attack may be launched remotely. There is no exploit available.

CVE-2024-3994 | Tutor LMS Plugin up to 2.6.2 on WordPress Shortcode tutor_instructor_list cross site scripting

Post correlati

CVE-2024-1953 | Mattermost up to 8.1.8/9.2.4/9.3.0/9.4.1 HTTP Request resource consumption

CVE-2024-42339 | CyberArk Identity Management information disclosure

CVE-2024-43787 | honojs hono up to 4.5.7 cross-site request forgery

CVE-2024-1422 | Elementor Addon Elements Plugin up to 1.12.12 on WordPress Modal Popup Effect cross site scripting