Vulnerability Details CVE-2021-24186
The tutor_answering_quiz_question/get_answer_by_id function pair from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that could be exploited by students.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.3%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
- https://wpscan.com/vulnerability/5f5c0c6c-6f76-4366-b590-0aab557f8c60
- https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/
- https://wpscan.com/vulnerability/5f5c0c6c-6f76-4366-b590-0aab557f8c60
- https://www.wordfence.com/blog/2021/03/several-vulnerabilities-patched-in-tutor-lms-plugin/
Products affected by CVE-2021-24186
-
cpe:2.3:a:themeum:tutor_lms:-
-
cpe:2.3:a:themeum:tutor_lms:1.0.0
-
cpe:2.3:a:themeum:tutor_lms:1.0.1
-
cpe:2.3:a:themeum:tutor_lms:1.0.2
-
cpe:2.3:a:themeum:tutor_lms:1.0.3
-
cpe:2.3:a:themeum:tutor_lms:1.0.4
-
cpe:2.3:a:themeum:tutor_lms:1.0.5
-
cpe:2.3:a:themeum:tutor_lms:1.0.6
-
cpe:2.3:a:themeum:tutor_lms:1.0.7
-
cpe:2.3:a:themeum:tutor_lms:1.0.8
-
cpe:2.3:a:themeum:tutor_lms:1.0.9
-
cpe:2.3:a:themeum:tutor_lms:1.1.0
-
cpe:2.3:a:themeum:tutor_lms:1.1.1
-
cpe:2.3:a:themeum:tutor_lms:1.2.0
-
cpe:2.3:a:themeum:tutor_lms:1.2.1
-
cpe:2.3:a:themeum:tutor_lms:1.2.11
-
cpe:2.3:a:themeum:tutor_lms:1.2.12
-
cpe:2.3:a:themeum:tutor_lms:1.2.13
-
cpe:2.3:a:themeum:tutor_lms:1.2.20
-
cpe:2.3:a:themeum:tutor_lms:1.3.0
-
cpe:2.3:a:themeum:tutor_lms:1.3.1
-
cpe:2.3:a:themeum:tutor_lms:1.3.2
-
cpe:2.3:a:themeum:tutor_lms:1.3.3
-
cpe:2.3:a:themeum:tutor_lms:1.3.4
-
cpe:2.3:a:themeum:tutor_lms:1.3.5
-
cpe:2.3:a:themeum:tutor_lms:1.3.6
-
cpe:2.3:a:themeum:tutor_lms:1.3.7
-
cpe:2.3:a:themeum:tutor_lms:1.3.8
-
cpe:2.3:a:themeum:tutor_lms:1.3.9
-
cpe:2.3:a:themeum:tutor_lms:1.4.0
-
cpe:2.3:a:themeum:tutor_lms:1.4.1
-
cpe:2.3:a:themeum:tutor_lms:1.4.2
-
cpe:2.3:a:themeum:tutor_lms:1.4.3
-
cpe:2.3:a:themeum:tutor_lms:1.4.4
-
cpe:2.3:a:themeum:tutor_lms:1.4.5
-
cpe:2.3:a:themeum:tutor_lms:1.4.6
-
cpe:2.3:a:themeum:tutor_lms:1.4.7
-
cpe:2.3:a:themeum:tutor_lms:1.4.8
-
cpe:2.3:a:themeum:tutor_lms:1.4.9
-
cpe:2.3:a:themeum:tutor_lms:1.5.0
-
cpe:2.3:a:themeum:tutor_lms:1.5.1
-
cpe:2.3:a:themeum:tutor_lms:1.5.2
-
cpe:2.3:a:themeum:tutor_lms:1.5.3
-
cpe:2.3:a:themeum:tutor_lms:1.5.4
-
cpe:2.3:a:themeum:tutor_lms:1.5.5
-
cpe:2.3:a:themeum:tutor_lms:1.5.6
-
cpe:2.3:a:themeum:tutor_lms:1.5.7
-
cpe:2.3:a:themeum:tutor_lms:1.5.8
-
cpe:2.3:a:themeum:tutor_lms:1.5.9
-
cpe:2.3:a:themeum:tutor_lms:1.6.0
-
cpe:2.3:a:themeum:tutor_lms:1.6.1
-
cpe:2.3:a:themeum:tutor_lms:1.6.2
-
cpe:2.3:a:themeum:tutor_lms:1.6.3
-
cpe:2.3:a:themeum:tutor_lms:1.6.4
-
cpe:2.3:a:themeum:tutor_lms:1.6.5
-
cpe:2.3:a:themeum:tutor_lms:1.6.6
-
cpe:2.3:a:themeum:tutor_lms:1.6.7
-
cpe:2.3:a:themeum:tutor_lms:1.6.8
-
cpe:2.3:a:themeum:tutor_lms:1.6.9
-
cpe:2.3:a:themeum:tutor_lms:1.7.0
-
cpe:2.3:a:themeum:tutor_lms:1.7.1
-
cpe:2.3:a:themeum:tutor_lms:1.7.2
-
cpe:2.3:a:themeum:tutor_lms:1.7.3
-
cpe:2.3:a:themeum:tutor_lms:1.7.4
-
cpe:2.3:a:themeum:tutor_lms:1.7.5
-
cpe:2.3:a:themeum:tutor_lms:1.7.6
-
cpe:2.3:a:themeum:tutor_lms:1.7.7
-
cpe:2.3:a:themeum:tutor_lms:1.7.8
-
cpe:2.3:a:themeum:tutor_lms:1.7.9
-
cpe:2.3:a:themeum:tutor_lms:1.8.0
-
cpe:2.3:a:themeum:tutor_lms:1.8.1
-
cpe:2.3:a:themeum:tutor_lms:1.8.2