CVE-2025-58993

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS tutor allows SQL Injection.This issue affects Tutor LMS: from n/a through <= 3.7.4.
Configurations

No configuration.

History

23 Apr 2026, 15:34

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.6

01 Apr 2026, 17:27

Type Values Removed Values Added
Summary (en) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection. This issue affects Tutor LMS: from n/a through 3.7.4. (en) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS tutor allows SQL Injection.This issue affects Tutor LMS: from n/a through <= 3.7.4.
References
  • {'url': 'https://patchstack.com/database/wordpress/plugin/tutor/vulnerability/wordpress-tutor-lms-plugin-3-7-4-sql-injection-vulnerability?_s_id=cve', 'source': 'audit@patchstack.com'}
  • () https://patchstack.com/database/Wordpress/Plugin/tutor/vulnerability/wordpress-tutor-lms-plugin-3-7-4-sql-injection-vulnerability?_s_id=cve -
CVSS v2 : unknown
v3 : 7.6
v2 : unknown
v3 : unknown

09 Sep 2025, 17:16

Type Values Removed Values Added
New CVE

Information

Published : 2025-09-09 17:16

Updated : 2026-06-17 09:45


NVD link : CVE-2025-58993

Mitre link : CVE-2025-58993

CVE.ORG link : CVE-2025-58993


JSON object : View

Products Affected

No product.

CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')