CVE-2025-6680

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.8.3. This makes it possible for authenticated attackers, with tutor-level access and above, to view assignments for courses they don't...

CVE-2025-6680

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.8.3. This makes it possible for authenticated attackers, with tutor-level access and above, to view assignments for courses they don't...

CVE-2025-6680

CVE-2025-6680 Tutor LMS (WordPress): Authenticated users with tutor-level+ access can view sensitive information by exposing assignments from courses they don’t teach. Affects Tutor LMS versions up to 3.8.3. Public advisories indicate remediation by upgrading to 3.8.4 or later; some sources also ...

CVE-2025-6680 Tutor LMS <= 3.8.3 - Missing Authorization to Sensitive Information Exposure

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.8.3. This makes it possible for authenticated attackers, with tutor-level access and above, to view assignments for courses they don't...

cs253.stanford.edu

It is an offensive tool for web application security education. The repository contains a collection of assignments and exercises for the CS 253 Web Security course at Stanford University. The assignments are designed to educate students on various web security topics, including client-side...