CVE-2024-4223
9.8CRITICALThe Tutor LMS plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and i
Опубликовано: 5/16/2024Обновлено: 1/24/2025
Описание
The Tutor LMS plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to add, modify, or delete data.
ИИ-АнализНа базе ИИ
Затронутые продукты
themeumtutor_lms
Ссылки
- https://plugins.trac.wordpress.org/changeset/3086489/Patch
- https://www.wordfence.com/threat-intel/vulnerabilities/id/ce4c4395-6d1a-4d5f-885f-383e5c44c0f8?source=cveThird Party Advisory
- https://plugins.trac.wordpress.org/changeset/3086489/Patch
- https://www.wordfence.com/threat-intel/vulnerabilities/id/ce4c4395-6d1a-4d5f-885f-383e5c44c0f8?source=cveThird Party Advisory