3 matches found
CVE-2023-25799 WordPress Tutor LMS plugin <= 2.1.8 - Multiple Broken Access Control vulnerabilities
Missing Authorization vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.1.8...
CVE-2023-25799
CVE-2023-25799 describes a Missing/Broken Authorization vulnerability in the WordPress plugin Tutor LMS . Affected versions are Tutor LMS: from n/a through 2.1.8. The issue is caused by insufficient authorization checks, enabling access control bypass for certain actions. Public references from P...
WordPress Tutor LMS Plugin <= 2.1.8 is vulnerable to Broken Access Control
Software Tutor LMS Type Plugin Vulnerable versions = 2.1.8 Fixed in 2.1.9 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-25799 Patch priority High CVSS severity High 8.3 Developer Claim ownership PSID c5a261a00ca9 Credits Rafie Muhammad Patchstack Require...