Vulnerabilidades em Themeum
93 resultadosCVE-2023-47532MEDIUMWordPress WP Crowdfunding Plugin <= 2.1.6 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2026-22330HIGHWordPress Right Way theme <= 4.0 - Local File Inclusion vulnerabilityEPSS 0.4%CVE-2026-10736MEDIUMTutor LMS <= 3.9.11 - Authenticated (Administrator+) SQL Injection via 'data' ParameterEPSS 0.4%CVE-2024-10117MEDIUMWP Crowdfunding <= 2.1.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpcf_donate ShortcodeEPSS 0.4%CVE-2026-3371MEDIUMTutor LMS <= 3.9.7 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Course Content ModificationEPSS 0.4%CVE-2024-5784HIGHTutor LMS Pro <= 2.7.2 - Missing Authorization to Authenticated (Subscriber+) Insecure Direct Object ReferenceEPSS 0.4%CVE-2024-43937MEDIUMWordPress WP Crowdfunding plugin <= 2.1.10 - Settings Change vulnerabilityEPSS 0.3%CVE-2026-1375HIGHTutor LMS <= 3.9.5 - Insecure Direct Object Reference to Authenticated (Instructor+) Arbitrary Course Modification and DeletionEPSS 0.3%CVE-2024-5438MEDIUMTutor LMS – eLearning and online course solution <= 2.7.1 - Authenticated (Instructor+) Insecure Direct Object Reference to Arbitrary Quiz Attempt DeletionEPSS 0.3%CVE-2026-25406HIGHWordPress Tutor LMS Pro plugin <= 3.9.4 - Broken Authentication vulnerabilityEPSS 0.3%CVE-2024-29913MEDIUMWordPress Tutor LMS Elementor Addons plugin <= 2.1.3 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2024-37947MEDIUMWordPress Tutor LMS plugin <= 2.7.2 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.3%CVE-2024-13228MEDIUMQubely – Advanced Gutenberg Blocks <= 1.8.13 - Authenticated (Contributor+) Sensitive Information Exposure via qubely_get_contentEPSS 0.3%CVE-2024-4222HIGHTutor LMS Pro <= 2.7.0 - Missing AuthorizationEPSS 0.3%CVE-2025-6184HIGHTutor LMS Pro – eLearning and online course solution <= 3.7.0 - Authenticated (Tutor Instructor+) SQL InjectionEPSS 0.3%CVE-2026-23799MEDIUMWordPress Tutor LMS plugin <= 3.9.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-5576MEDIUMTutor LMS Elementor Addons <= 2.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Course Carousel WidgetEPSS 0.3%CVE-2024-1804MEDIUMTutor LMS – Migration Tool <= 2.2.0 - Missing Authorization in tutor_import_from_xmlEPSS 0.3%CVE-2024-11910MEDIUMWP Crowdfunding <= 2.1.15 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2026-6965MEDIUMTutor LMS <= 3.9.9 - Insecure Direct Object Reference to Authenticated (Instructor+) Arbitrary Post Deletion via 'course' GET ParameterEPSS 0.3%