cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches forsertifier-certificates-open-badges sertifier-certificates-open-badges

Direction: ascending
Aug 24, 2025

Sertifier Certificates & Open Badges – Tutor LMS # CVE-2025-7841

CVE, Research URL

CVE-2025-7841

Home page URL

Security reports for Sertifier Certificates & Open Badges – Tutor LMS

Application

Sertifier Certificates & Open Badges – Tutor LMS

Date
Aug 23, 2025
Research Description
The Sertifier Certificate & Badge Maker for WordPress – Tutor LMS plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.19. This is due to missing or incorrect nonce validation on the 'sertifier_settings' page. This makes it possible for unauthenticated attackers to update the plugin's api key via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Affected versions
max 1.19.
Status
vulnerable
Nov 11, 2025

Sertifier Certificates & Open Badges – Tutor LMS # CVE-2025-53214

CVE, Research URL

CVE-2025-53214

Home page URL

Security reports for Sertifier Certificates & Open Badges – Tutor LMS

Application

Sertifier Certificates & Open Badges – Tutor LMS

Date
Nov 06, 2025
Research Description
Missing Authorization vulnerability in sertifier Sertifier Certificate & Badge Maker sertifier-certificates-open-badges allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sertifier Certificate & Badge Maker: from n/a through <= 1.21.
Affected versions
max 1.21.
Status
vulnerable