How severe is CVE-2024-4223?

CVE-2024-4223 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2024-4223

Name: tutor_lms
Author: themeum

9.8CRITICAL

The Tutor LMS plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and i

发布于: 5/16/2024更新于: 1/24/2025

描述

The Tutor LMS plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to add, modify, or delete data.

AI分析AI驱动

受影响产品

themeumtutor_lms

参考资料

https://plugins.trac.wordpress.org/changeset/3086489/
Patch
https://www.wordfence.com/threat-intel/vulnerabilities/id/ce4c4395-6d1a-4d5f-885f-383e5c44c0f8?source=cve
Third Party Advisory
https://plugins.trac.wordpress.org/changeset/3086489/
Patch
https://www.wordfence.com/threat-intel/vulnerabilities/id/ce4c4395-6d1a-4d5f-885f-383e5c44c0f8?source=cve
Third Party Advisory