Vulnerability Details CVE-2021-24181
The tutor_mark_answer_as_correct AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.7.7 was vulnerable to blind and time based SQL injections that could be exploited by students.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.7%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
- https://wpscan.com/vulnerability/d5a00322-7098-4f8d-8e5e-157b63449c17
- https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/
- https://wpscan.com/vulnerability/d5a00322-7098-4f8d-8e5e-157b63449c17
- https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/
Products affected by CVE-2021-24181
-
cpe:2.3:a:themeum:tutor_lms:-
-
cpe:2.3:a:themeum:tutor_lms:1.0.0
-
cpe:2.3:a:themeum:tutor_lms:1.0.1
-
cpe:2.3:a:themeum:tutor_lms:1.0.2
-
cpe:2.3:a:themeum:tutor_lms:1.0.3
-
cpe:2.3:a:themeum:tutor_lms:1.0.4
-
cpe:2.3:a:themeum:tutor_lms:1.0.5
-
cpe:2.3:a:themeum:tutor_lms:1.0.6
-
cpe:2.3:a:themeum:tutor_lms:1.0.7
-
cpe:2.3:a:themeum:tutor_lms:1.0.8
-
cpe:2.3:a:themeum:tutor_lms:1.0.9
-
cpe:2.3:a:themeum:tutor_lms:1.1.0
-
cpe:2.3:a:themeum:tutor_lms:1.1.1
-
cpe:2.3:a:themeum:tutor_lms:1.2.0
-
cpe:2.3:a:themeum:tutor_lms:1.2.1
-
cpe:2.3:a:themeum:tutor_lms:1.2.11
-
cpe:2.3:a:themeum:tutor_lms:1.2.12
-
cpe:2.3:a:themeum:tutor_lms:1.2.13
-
cpe:2.3:a:themeum:tutor_lms:1.2.20
-
cpe:2.3:a:themeum:tutor_lms:1.3.0
-
cpe:2.3:a:themeum:tutor_lms:1.3.1
-
cpe:2.3:a:themeum:tutor_lms:1.3.2
-
cpe:2.3:a:themeum:tutor_lms:1.3.3
-
cpe:2.3:a:themeum:tutor_lms:1.3.4
-
cpe:2.3:a:themeum:tutor_lms:1.3.5
-
cpe:2.3:a:themeum:tutor_lms:1.3.6
-
cpe:2.3:a:themeum:tutor_lms:1.3.7
-
cpe:2.3:a:themeum:tutor_lms:1.3.8
-
cpe:2.3:a:themeum:tutor_lms:1.3.9
-
cpe:2.3:a:themeum:tutor_lms:1.4.0
-
cpe:2.3:a:themeum:tutor_lms:1.4.1
-
cpe:2.3:a:themeum:tutor_lms:1.4.2
-
cpe:2.3:a:themeum:tutor_lms:1.4.3
-
cpe:2.3:a:themeum:tutor_lms:1.4.4
-
cpe:2.3:a:themeum:tutor_lms:1.4.5
-
cpe:2.3:a:themeum:tutor_lms:1.4.6
-
cpe:2.3:a:themeum:tutor_lms:1.4.7
-
cpe:2.3:a:themeum:tutor_lms:1.4.8
-
cpe:2.3:a:themeum:tutor_lms:1.4.9
-
cpe:2.3:a:themeum:tutor_lms:1.5.0
-
cpe:2.3:a:themeum:tutor_lms:1.5.1
-
cpe:2.3:a:themeum:tutor_lms:1.5.2
-
cpe:2.3:a:themeum:tutor_lms:1.5.3
-
cpe:2.3:a:themeum:tutor_lms:1.5.4
-
cpe:2.3:a:themeum:tutor_lms:1.5.5
-
cpe:2.3:a:themeum:tutor_lms:1.5.6
-
cpe:2.3:a:themeum:tutor_lms:1.5.7
-
cpe:2.3:a:themeum:tutor_lms:1.5.8
-
cpe:2.3:a:themeum:tutor_lms:1.5.9
-
cpe:2.3:a:themeum:tutor_lms:1.6.0
-
cpe:2.3:a:themeum:tutor_lms:1.6.1
-
cpe:2.3:a:themeum:tutor_lms:1.6.2
-
cpe:2.3:a:themeum:tutor_lms:1.6.3
-
cpe:2.3:a:themeum:tutor_lms:1.6.4
-
cpe:2.3:a:themeum:tutor_lms:1.6.5
-
cpe:2.3:a:themeum:tutor_lms:1.6.6
-
cpe:2.3:a:themeum:tutor_lms:1.6.7
-
cpe:2.3:a:themeum:tutor_lms:1.6.8
-
cpe:2.3:a:themeum:tutor_lms:1.6.9
-
cpe:2.3:a:themeum:tutor_lms:1.7.0
-
cpe:2.3:a:themeum:tutor_lms:1.7.1
-
cpe:2.3:a:themeum:tutor_lms:1.7.2
-
cpe:2.3:a:themeum:tutor_lms:1.7.3
-
cpe:2.3:a:themeum:tutor_lms:1.7.4
-
cpe:2.3:a:themeum:tutor_lms:1.7.5
-
cpe:2.3:a:themeum:tutor_lms:1.7.6