WordPress Plugin Vulnerabilities | Page 47 | WPScan

0-9
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
q
r
s
t
u
v
w
x
y
z

Slug

Published

2026-01-20

Title

Tutor LMS – eLearning and online course solution < 3.9.5 - Missing Authorization to Authenticated (Subscriber+) Limited Attachment Deletion

Slug

Published

2026-02-02

Title

Tutor LMS < 3.9.6 - Authenticated (Subscriber+) Information Disclosure in Coupon Details via 'tutor_coupon_details' AJAX Action

Slug

Published

2026-02-02

Title

Tutor LMS < 3.9.6 - Instructor+ Arbitrary Course Modification and Deletion via IDOR

Slug

Published

2026-01-02

Title

Tutor LMS < 3.9.5 - Authenticated (Instructor+) Insecure Direct Object Reference

Slug

Published

2026-02-27

Title

Tutor LMS < 3.9.7 - Unauthenticated SQL Injection via coupon_code

Slug

Published

2026-02-25

Title

Tutor LMS – eLearning and online course solution < 3.9.6 - Missing Authorization

Slug

tutor-lms-bunnynet-integration

Published

2026-01-19

Title

Tutor LMS BunnyNet Integration < 1.0.1 - Authenticated (Tutor instructor+) Stored Cross-Site Scripting

Slug

tutor-lms-elementor-addons

Published

2024-03-25

Title

Tutor LMS Elementor Addons < 2.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

Slug

tutor-lms-elementor-addons

Published

2024-08-19

Title

Tutor LMS Elementor Addons < 2.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Course Carousel Widget

Slug

tutor-lms-elementor-addons

Published

2024-11-14

Title

Tutor LMS Elementor Addons < 2.1.6 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Installation

Slug

tutor-lms-elementor-addons

Published

2024-12-02

Title

Tutor LMS Elementor Addons < 2.1.6 - Missing Authorization

Slug

tutor-lms-elementor-addons

Published

2025-11-30

Title

Tutor LMS Elementor Addons < 3.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

Slug

tutor-lms-migration-tool

Published

2024-07-26

Title

Tutor LMS – Migration Tool <= 2.2.2 - Missing Authorization in tutor_import_from_xml

Slug

tutor-lms-migration-tool

Published

2024-07-26

Title

Tutor LMS – Migration Tool <= 2.2.2 - Missing Authorization in tutor_lp_export_xml

Slug

Published

2024-05-15

Title

Tutor LMS Pro < 2.7.1 - Missing Authorization to Privilege Escalation

Slug

Published

2024-05-15

Title

Tutor LMS Pro < 2.7.1 - Missing Authorization

Slug

Published

2024-05-15

Title

Tutor LMS Pro < 2.7.1 - Missing Authorization to SQL Injection

Slug

Published

2024-08-29

Title

Tutor LMS Pro < 2.7.3 - Missing Authorization to Authenticated (Subscriber+) Insecure Direct Object Reference

Slug

Published

2025-08-12

Title

Tutor LMS Pro – eLearning and online course solution < 3.7.1 - Authenticated (Tutor Instructor+) SQL Injection

Slug

Published

2025-10-24

Title

Tutor LMS Pro < 3.9.0 - Subscriber+ Other Assignments Access/Edit via IDOR

Slug

Published

2026-01-13

Title

Tutor LMS Pro <= 3.8.3 - Unauthenticated SQL Injection

Slug

Published

2026-03-09

Title

Tutor LMS Pro < 3.9.6 - Authentication Bypass via Social Login

Slug

Published

2025-10-15

Title

Tuturn < 3.6 - Authenticated (Subscriber+) Arbitrary File Download

Slug

Published

2025-10-15

Title

Tuturn < 3.6 - Unauthenticated Missing Authorization

Slug

tuxedo-big-file-uploads

Published

2023-11-14

Title

Big File Uploads < 2.1.2 - Cross-Site Request Forgery via actions