Browse all 25 CVE security advisories affecting Moodle. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Moodle is an open-source learning management system widely deployed by educational institutions to facilitate online course delivery and student engagement. Its extensive plugin ecosystem and complex architecture have historically introduced significant attack surfaces, resulting in twenty-four recorded Common Vulnerabilities and Exposures (CVE) entries. Security audits frequently identify critical flaws, including remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation or insecure default configurations. While the project maintains a responsible disclosure process, past incidents have highlighted risks associated with outdated third-party libraries and delayed patch adoption by administrators. These technical shortcomings allow attackers to compromise user data or disrupt academic services. Consequently, rigorous security hygiene, including timely updates and strict plugin management, remains essential for maintaining the integrity of Moodle-based educational environments against evolving cyber threats.
This page lists every published CVE security advisory associated with Moodle. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.