Tutor LMS <= 3.9.11 Authenticated SQL Injection via 'data' Parameter (CVE-2026-10736)

www.wordfence.com 2026-06-19查看中文 →

Security AdvisoryCVE-2026-10736MediumTutor LMS

Affected:

Tutor LMS <= 3.9.11

Fixed in:

3.9.12

Referenced CVEs: CVE-2026-10736 · 4.9

文章内图片已隐藏以节省流量 · Upgrade to Pro to view images & offline archive

This content was auto-fetched from www.wordfence.com, cleaned by our LLM pipeline, and translated to English. View original.

More from this source

PressPrimer Quiz <= 2.3.0 IDOR Vulnerability (CVE-2026-10623) Advisory and Patch 2026-06-20 WordPress Video Conferencing with Zoom Missing Auth to SDK Credential Exposure CVE-2026-6964 2026-06-20 CVE-2026-6798: WordPress 2Download Connector Unauthenticated Data Exposure via Missing Authorization 2026-06-20 Woosa <= 2.0.6 Authenticated Arbitrary File Read via log_file (CVE-2026-7547) 2026-06-20 WP DSGVO Tools Missing Authorization Vulnerability Disclosure (CVE-2026-10034) Advisory 2026-06-20

Offline Archive

Offline screenshot & PDF are Pro-exclusive