Moodle Vulnerabilities
Moodle Moodle vulnerabilities.
Vulnerability Published:
๐๏ธ Published
- Anytime
Sort By:
๐๏ธ Published Date
- Descending
Session Fixation Vulnerability in Moodle by Moodle Pty Ltd
CVE-2025-53021MoodleMoodle4.2MEDIUMSQL Injection Vulnerability in Moodle Course Search Module
CVE-2025-26533Moodle ProjectMoodle8.1HIGHData Validation Flaw in Moodle by Moodle
CVE-2025-26532Moodle ProjectMoodle3.1LOWInsufficient Capability Checks in Moodle by Moodle
CVE-2025-26531Moodle ProjectMoodle3.1LOWReflected XSS Vulnerability in Moodle's Question Bank Filter
CVE-2025-26530Moodle ProjectMoodle8.3HIGHStored XSS Vulnerability in Moodle's Administration Live Log
CVE-2025-26529Moodle ProjectMoodle๐๐พ๐ก๐ฐ8.3HIGHStored XSS Vulnerability in Moodle Drag-and-Drop Image Question Type
CVE-2025-26528Moodle ProjectMoodle3.4LOWMoodle Tags Exposure in Tag Search and Block Functionality
CVE-2025-26527Moodle ProjectMoodle5.3MEDIUMPermission Check Flaws in Feedback Activities of Moodle by Moodle
CVE-2025-26526Moodle ProjectMoodle6.5MEDIUMArbitrary File Read Vulnerability in TeX Notation Filter Affects Moodle Products
CVE-2025-26525Moodle ProjectMoodle8.6HIGHMoodle Dynamic Tables Vulnerability: Unauthorized Access to Sensitive Information
CVE-2024-45689MoodleMoodleMoodle Flaw Requires Additional Checks to Prevent Account Deletion
CVE-2024-45690MoodleMoodleMoodle Password Flaw Allows Bypass of Password Protection
CVE-2024-45691MoodleMoodleMoodle Vulnerability: Additional Access Controls Needed for Course Badges
CVE-2024-48899MoodleMoodleMoodle Messaging Vulnerability Allows Unauthorized Access to User Names
CVE-2024-48896MoodleMoodle4.3MEDIUMAdditional Checks Required to Secure RSS Feeds in Moodle
CVE-2024-48897MoodleMoodle4.3MEDIUMDelete Audiences from Reports Vulnerability
CVE-2024-48898MoodleMoodle4.3MEDIUMAdditional Checks Required to Secure Report Schedule
CVE-2024-48901MoodleMoodle4.3MEDIUMCross-Site Scripting Vulnerability in Moodle H5P
CVE-2024-43439MoodleMoodle6.1MEDIUMLocal File Inclusion Vulnerability in Moodle Affecting Block Backups
CVE-2024-43440MoodleMoodle7.5HIGHSeparate Unique Keys for QR Login and Auto-Login
CVE-2024-38277MoodleMoodle5.4MEDIUMMultiple CSRF Risks Due to Incorrect Token Checks
CVE-2024-38276MoodleMoodle8.8HIGHUnintentionally Sending HTTP Authorization Header Information Through Redirects
CVE-2024-38275MoodleMoodleStored XSS Risk in Event Deletion Prompt
CVE-2024-38274MoodleMoodle6.1MEDIUMUsers Granted Unauthorized Access to Join URLs Due to Insufficient Capability Checks
CVE-2024-38273MoodleMoodle5.4MEDIUM