Vulnerabilities (CVE)

Filtered by vendor Cluevo Subscribe
Filtered by product Learning Management System
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-40607 1 Cluevo 1 Learning Management System 2024-02-28 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in CLUEVO CLUEVO LMS, E-Learning Platform plugin <= 1.10.0 versions.
CVE-2021-25029 1 Cluevo 1 Learning Management System 2024-02-28 3.5 LOW 4.8 MEDIUM
The CLUEVO LMS, E-Learning Platform WordPress plugin before 1.8.1 does not sanitise and escape Course's module, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed