Vulnerability Database
Submit a vulnerability
Menu
Submit a vulnerability
Virtual patches available
Back to Vulnerabilities
WordPress Tutor LMS plugin <= 1.7.6 - Multiple Blind/Time-based SQL Injection (SQLi) vulnerabilities
tutor
Software
Tutor LMS
Versions
<= 1.7.6
Disclosure date
2021-03-15
CVE
CVE-N/A
References
Vulnerability details
Plugin changelog
Credits
WordFence
Classification
SQL Injection
OWASP Top 10
A1: Injection
CVSS 3.0 score
Plugin does not exist, is not supported or discontinued.
Are your websites subject to this vulnerability?
Patch now
View vulnerabilities for this software
Details
Multiple Blind/Time-based SQL Injection (SQLi) vulnerabilities were discovered by WordFence in the WordPress Tutor LMS plugin (versions <= 1.7.6).
Solution
Update the WordPress Tutor LMS plugin to the latest available version (at least 1.7.7).
Found a vulnerability that puts your sites at risk?
Patches available at Patchstack
Found a vulnerability? Help us secure the web and join our community of ethical hackers.
Report a Vulnerability
Are you the developer of this software? Hire our researchers for a thorough security audit.
Learn more
Features
Pricing
Articles
Resources
Login
Try Free
Menu
Features
Pricing
Articles
Resources
Login
Try Free