cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-11328,https://securityvulnerability.io/vulnerability/CVE-2024-11328,Reflected Cross-Site Scripting Vulnerability in CLUEVO LMS E-Learning Platform Plugin for WordPress,"The CLUEVO LMS E-Learning Platform plugin for WordPress has a vulnerability that allows unauthenticated attackers to execute malicious scripts via reflected cross-site scripting. This occurs due to inadequate escaping in the URL manipulation functions add_query_arg and remove_query_arg. Attackers can exploit this weakness to inject arbitrary web scripts into pages, enabling them to trick users into clicking compromised links, leading to possible data exposure or other malicious activities.",Wordpress,"Cluevo Lms, E-learning Platform",6.1,MEDIUM,0.000590000010561198,false,,false,false,false,false,false,false,2025-01-09T11:10:59.019Z,0
CVE-2024-11444,https://securityvulnerability.io/vulnerability/CVE-2024-11444,CLUEVO LMS Vulnerable to Cross-Site Request Forgery,"The CLUEVO LMS, E-Learning Platform plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.13.2. This is due to missing or incorrect nonce validation on the cluevo_render_module_ui() function. This makes it possible for unauthenticated attackers to delete modules via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",Wordpress,"Cluevo Lms, E-learning Platform",4.3,MEDIUM,0.0005200000014156103,false,,false,false,false,,false,false,2024-12-06T08:24:50.320Z,0
CVE-2021-25029,https://securityvulnerability.io/vulnerability/CVE-2021-25029,Cluevo < 1.8.1 - Admin+ Stored Cross Site Scripting,"The CLUEVO LMS, E-Learning Platform WordPress plugin before 1.8.1 does not sanitise and escape Course's module, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed",Wordpress,"Cluevo Lms, E-learning Platform",4.8,MEDIUM,0.000539999979082495,false,,false,false,false,,false,false,2022-02-07T15:47:16.000Z,0