946 matches found
WordPress Plugin Tutor LMS Pro 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...
WordPress Plugin Tutor LMS Pro 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
WordPress Plugin Tutor LMS Pro 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
WordPress plugin Tutor LMS 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin Tutor LMS 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2024-29795 · WordPress · Tutor Lms Pro
Name of the Vulnerable Software and Affected Versions: Tutor LMS Pro plugin for WordPress versions prior to 2.7.1 Description: The issue allows unauthorized access, modification, and loss of data due to a missing capability check on multiple functions. This enables unauthenticated attackers to ad...
PT-2024-30162 · WordPress · The Tutor Lms
Name of the Vulnerable Software and Affected Versions: The Tutor LMS – eLearning and online course solution plugin for WordPress versions up to, and including, 2.7.0 Description: The issue allows authenticated attackers with Instructor-level permissions and above to delete any course due to missi...
WordPress Tutor LMS Plugin <= 2.7.0 is vulnerable to SQL Injection
Software Tutor LMS Type Plugin Vulnerable versions = 2.7.0 Fixed in 2.7.1 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-4318 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 529631119255 Credits Thanh Nam Tran Required privilege Instructor Published 1...
PT-2024-29798 · WordPress · Tutor Lms
Name of the Vulnerable Software and Affected Versions: Tutor LMS plugin for WordPress versions prior to 2.8.0 is not specified, however, the versions up to and including 2.7.0 are affected. Description: The issue allows unauthorized access, modification, and loss of data due to a missing capabili...
Tutor LMS < 2.7.1 - Missing Authorization
Description The Tutor LMS plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to add, modify,...
PT-2024-30595 · WordPress · Tutor Lms Pro
Name of the Vulnerable Software and Affected Versions: Tutor LMS Pro plugin for WordPress versions up to, and including, 2.7.0 Description: The issue allows for unauthorized access, modification, and loss of data due to a missing capability check on the authenticate function. This enables...
CVE-2024-3553
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the hidenotices function in all versions up to, and including, 2.6.2. This makes it possible for unauthenticated attackers to enable us...
CVE-2024-3553
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the hidenotices function in all versions up to, and including, 2.6.2. This makes it possible for unauthenticated attackers to enable us...
CVE-2024-3553 Tutor LMS <= 2.6.2 - Missing Authorization to Unauthenticated Limited Options Update
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the hidenotices function in all versions up to, and including, 2.6.2. This makes it possible for unauthenticated attackers to enable us...
CVE-2024-3553 Tutor LMS <= 2.6.2 - Missing Authorization to Unauthenticated Limited Options Update
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the hidenotices function in all versions up to, and including, 2.6.2. This makes it possible for unauthenticated attackers to enable us...
CVE-2024-3553
CVE-2024-3553 affects Tutor LMS for WordPress up to version 2.6.2. Root cause: hide_notices() lacked a proper capability check, enabling any authenticated user to modify users_can_register and enable registration via the admin page. Patch v2.7.0 adds current_user_can('manage_options') in addition...
WordPress plugin Tutor LMS 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
The vulnerability of the hide_notices() function in the Tutor LMS plugin for WordPress content management system allows a violator to gain access to read and modify data.
The vulnerability of the hidenotices function in the Tutor LMS plugin for WordPress-related content management systems is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to gain access to and modify data...
The vulnerability of the erase_tutor_data() function in the Tutor plugin for the WordPress content management system allows a hacker to perform a CSRF attack.
The vulnerability of the erasetutordata function in the Tutor plugin of the WordPress content management system is related to the,nonce。, CSRF 。...
The vulnerability of the Tutor LMS plugin for the WordPress content management system allows a hacker to execute arbitrary SQL queries and gain unauthorized access to protected information.
The vulnerability of the Tutor LMS plugin for the WordPress content management system is related to the lack of protection for the SQL query structure when processing the questionid parameter. Exploiting this vulnerability allows an attacker to execute arbitrary SQL queries and gain unauthorized...