CVE-2022-2563 - Vulnerability Details - OpenCVE

ReportizFlow

The Tutor LMS WordPress plugin before 2.0.10 does not escape some course parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable no

Technical Impact partial

Vendors	Products
Themeum	Tutor Lms

Configuration 1 [-]

cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*

No data.

References

Link	Providers
https://wpscan.com/vulnerability/98cd761c-7527-4224-965d-d34472b5c19f

History

Sat, 12 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00092}`	epss `{'score': 0.00115}`

Tue, 13 May 2025 20:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2022-10-17T00:00:00.000Z

Updated: 2025-05-13T19:23:13.459Z

Reserved: 2022-07-28T00:00:00.000Z

Link: CVE-2022-2563

Vulnrichment

Updated: 2024-08-03T00:39:08.066Z

NVD

Status : Modified

Published: 2022-10-17T12:15:09.737

Modified: 2025-05-13T20:15:21.827

Link: CVE-2022-2563

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-2563", "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "dateUpdated": "2025-05-13T19:23:13.459Z", "dateReserved": "2022-07-28T00:00:00.000Z", "datePublished": "2022-10-17T00:00:00.000Z"}, "containers": {"cna": {"title": "Tutor LMS < 2.0.10 - Admin+ Stored Cross-Site Scripting", "providerMetadata": {"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan", "dateUpdated": "2022-10-17T00:00:00.000Z"}, "descriptions": [{"lang": "en", "value": "The Tutor LMS WordPress plugin before 2.0.10 does not escape some course parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"}], "affected": [{"vendor": "Unknown", "product": "Tutor LMS \u2013 eLearning and online course solution", "versions": [{"version": "2.0.10", "status": "affected", "lessThan": "2.0.10", "versionType": "custom"}]}], "references": [{"url": "https://wpscan.com/vulnerability/98cd761c-7527-4224-965d-d34472b5c19f"}], "credits": [{"lang": "en", "value": "lucy"}], "problemTypes": [{"descriptions": [{"type": "CWE", "description": "CWE-79 Cross-Site Scripting (XSS)", "cweId": "CWE-79", "lang": "en"}]}], "x_generator": "WPScan CVE Generator", "source": {"discovery": "EXTERNAL"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T00:39:08.066Z"}, "title": "CVE Program Container", "references": [{"url": "https://wpscan.com/vulnerability/98cd761c-7527-4224-965d-d34472b5c19f", "tags": ["x_transferred"]}]}, {"metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 4.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-05-13T19:22:47.292805Z", "id": "CVE-2022-2563", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-13T19:23:13.459Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://wpscan.com/vulnerability/98cd761c-7527-4224-965d-d34472b5c19f", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T00:39:08.066Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 4.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2022-2563", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-05-13T19:22:47.292805Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-13T19:23:10.325Z"}}], "cna": {"title": "Tutor LMS < 2.0.10 - Admin+ Stored Cross-Site Scripting", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "value": "lucy"}], "affected": [{"vendor": "Unknown", "product": "Tutor LMS \u2013 eLearning and online course solution", "versions": [{"status": "affected", "version": "2.0.10", "lessThan": "2.0.10", "versionType": "custom"}]}], "references": [{"url": "https://wpscan.com/vulnerability/98cd761c-7527-4224-965d-d34472b5c19f"}], "x_generator": "WPScan CVE Generator", "descriptions": [{"lang": "en", "value": "The Tutor LMS WordPress plugin before 2.0.10 does not escape some course parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Cross-Site Scripting (XSS)"}]}], "providerMetadata": {"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan", "dateUpdated": "2022-10-17T00:00:00.000Z"}}}, "cveMetadata": {"cveId": "CVE-2022-2563", "state": "PUBLISHED", "dateUpdated": "2025-05-13T19:23:13.459Z", "dateReserved": "2022-07-28T00:00:00.000Z", "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "datePublished": "2022-10-17T00:00:00.000Z", "assignerShortName": "WPScan"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "1577C58F-361F-4933-91FE-F14201D68C08", "versionEndExcluding": "2.0.10", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Tutor LMS WordPress plugin before 2.0.10 does not escape some course parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"}, {"lang": "es", "value": "El plugin Tutor LMS de WordPress versiones anteriores a 2.0.10, no escapa a algunos par\u00e1metros del curso, lo que podr\u00eda permitir a usuarios con altos privilegios, como el administrador, llevar a cabo ataques de tipo Cross-Site Scripting Almacenado, incluso cuando la capacidad unfiltered_html no est\u00e1 permitida (por ejemplo, en la configuraci\u00f3n multisitio)"}], "id": "CVE-2022-2563", "lastModified": "2025-05-13T20:15:21.827", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "[email protected]", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2022-10-17T12:15:09.737", "references": [{"source": "[email protected]", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/98cd761c-7527-4224-965d-d34472b5c19f"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/98cd761c-7527-4224-965d-d34472b5c19f"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "[email protected]", "type": "Secondary"}]}