CVE-2025-13673 | Tutor LMS Plugin up to 3.9.4/3.9.6 on WordPress coupon_code sql injection

Inserito da Angelo Barbosa | Feb 27, 2026 | CVE

A vulnerability described as critical has been identified in Tutor LMS Plugin up to 3.9.4/3.9.6 on WordPress. The impacted element is an unknown function. The manipulation of the argument coupon_code results in sql injection.

This vulnerability is cataloged as CVE-2025-13673. The attack may be launched remotely. There is no exploit available.

CVE-2025-13673 | Tutor LMS Plugin up to 3.9.4/3.9.6 on WordPress coupon_code sql injection

Post correlati

CVE-2024-25817 | eza up to 0.18.1 Git buffer overflow (GHSA-3qx3-6hxr-j2ch)

CVE-2025-14971 | Link Invoice Payment for WooCommerce Plugin up to 2.8.0 on WordPress authorization

CVE-2023-50961 | IBM QRadar SIEM 7.5 Web UI cross site scripting (XFDB-275939)

CVE-2025-2031 | ChestnutCMS up to 1.5.2 /dev-api/cms/file/upload uploadFile file unrestricted upload