CVE-2024-4223
9.8CRITICALThe Tutor LMS plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and i
Veröffentlicht: 5/16/2024Aktualisiert: 1/24/2025
Beschreibung
The Tutor LMS plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to add, modify, or delete data.
KI-AnalyseKI-gestützt
Betroffene Produkte
themeumtutor_lms
Referenzen
- https://plugins.trac.wordpress.org/changeset/3086489/Patch
- https://www.wordfence.com/threat-intel/vulnerabilities/id/ce4c4395-6d1a-4d5f-885f-383e5c44c0f8?source=cveThird Party Advisory
- https://plugins.trac.wordpress.org/changeset/3086489/Patch
- https://www.wordfence.com/threat-intel/vulnerabilities/id/ce4c4395-6d1a-4d5f-885f-383e5c44c0f8?source=cveThird Party Advisory