What the vulnerability does
01Description
The Tutor LMS WordPress plugin before 1.9.12 does not escape the search parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting
CVSS base score
What the vulnerability does
The Tutor LMS WordPress plugin before 1.9.12 does not escape the search parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting
Key dates
External resources