Filtered by vendor Cluevo
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-40607 | 1 Cluevo | 1 Learning Management System | 2024-02-28 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in CLUEVO CLUEVO LMS, E-Learning Platform plugin <= 1.10.0 versions. | |||||
CVE-2021-25029 | 1 Cluevo | 1 Learning Management System | 2024-02-28 | 3.5 LOW | 4.8 MEDIUM |
The CLUEVO LMS, E-Learning Platform WordPress plugin before 1.8.1 does not sanitise and escape Course's module, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed |