Lucene search

CVE-2024-4223 Tutor LMS <= 2.7.0 - Missing Authorization

🗓️ 16 May 2024 08:50:32Reported by WordfenceType

Vulnerability in Tutor LMS plugin for WordPres

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 6
Patchstack	WordPress Tutor LMS Plugin <= 2.7.0 is vulnerable to Broken Access Control	16 May 202400:00	–	patchstack
Vulnrichment	CVE-2024-4223 Tutor LMS <= 2.7.0 - Missing Authorization	16 May 202408:32	–	vulnrichment
CVE	CVE-2024-4223	16 May 202409:15	–	cve
WPVulnDB	Tutor LMS < 2.7.1 - Missing Authorization	15 May 202400:00	–	wpvulndb
NVD	CVE-2024-4223	16 May 202409:15	–	nvd
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (May 13, 2024 to May 19, 2024)	23 May 202415:00	–	wordfence

[
  {
    "vendor": "themeum",
    "product": "Tutor LMS – eLearning and online course solution",
    "versions": [
      {
        "version": "*",
        "status": "affected",
        "lessThanOrEqual": "2.7.0",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
plugins	www.plugins.trac.wordpress.org/changeset/3086489/
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/ce4c4395-6d1a-4d5f-885f-383e5c44c0f8

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

16 May 2024 08:32Current

9.5High risk

Vulners AI Score9.5

CVSS39.8

EPSS0.01505