6 matches found
CVE-2020-8615
A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker approving themselves as an instructor and performing other malicious actions such as blocking legitimate instructors...
WordPress Plugin Tutor LMS 1.5.3 - Cross-Site Request Forgery (Add User)
Exploit Title: Wordpress Plugin Tutor LMS 1.5.3 - Cross-Site Request Forgery Add User Date: 2020-01-30 Vendor Homepage: https://www.themeum.com/product/tutor-lms/ Vendor Changelog: https://wordpress.org/plugins/tutor/developers Exploit Author: Jinson Varghese Behanan Author Advisory:...
Wordpress Plugin Tutor LMS 1.5.3 - Cross-Site Request Forgery (Add User)
Wordpress Plugin Tutor LMS 1.5.3 - Cross-Site Request Forgery Add User Exploit Title: Wordpress Plugin Tutor LMS 1.5.3 - Cross-Site Request Forgery Add User Date: 2020-01-30 Vendor Homepage: https://www.themeum.com/product/tutor-lms/ Vendor Changelog: https://wordpress.org/plugins/tutor/developer...
Wordpress Tutor LMS 1.5.3 Plugin - Cross-Site Request Forgery (Add User) Vulnerability
Exploit for php platform in category web applications Exploit Title: Wordpress Plugin Tutor LMS 1.5.3 - Cross-Site Request Forgery Add User Vendor Homepage: https://www.themeum.com/product/tutor-lms/ Vendor Changelog: https://wordpress.org/plugins/tutor/developers Exploit Author: Jinson Varghese...
CVE-2020-8615
A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker approving themselves as an instructor and performing other malicious actions such as blocking legitimate instructors...
CVE-2020-8615
CVE-2020-8615 is a CSRF vulnerability in the WordPress Tutor LMS plugin up to version 1.5.3 (fixed in 1.5.3). The issue allows an attacker to approve themselves as an instructor and perform other actions (e.g., blocking legitimate instructors). The root cause is CSRF in Tutor LMS’s instructor-man...