Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2023/07/04 7:23 a.m.10 views

CVE-2023-3133 Tutor LMS < 2.2.1 - Unauthenticated Access to Tutor LMS Lesson Resources via REST API

The Tutor LMS WordPress plugin before 2.2.1 does not implement adequate permission checks for REST API endpoints, allowing unauthenticated attackers to access information from Lessons that should not be publicly available...

6.6AI score0.00984EPSS
Exploits2References3
CVE
CVE
added 2023/07/04 7:23 a.m.49 views

CVE-2023-3133

The CVE-2023-3133 entry concerns the Tutor LMS WordPress plugin (pre-2.2.1) where REST API endpoints do not perform adequate permission checks, allowing unauthenticated access to information from Lessons that should not be publicly available. Affected product: Tutor LMS WordPress plugin; vulnerab...

7.5CVSS7.5AI score0.00984EPSS
Exploits2References3Affected Software1
Cvelist
Cvelist
added 2023/07/04 7:23 a.m.25 views

CVE-2023-3133 Tutor LMS < 2.2.1 - Unauthenticated Access to Tutor LMS Lesson Resources via REST API

The Tutor LMS WordPress plugin before 2.2.1 does not implement adequate permission checks for REST API endpoints, allowing unauthenticated attackers to access information from Lessons that should not be publicly available...

7.6AI score0.00984EPSS
Exploits2References3
Patchstack
Patchstack
added 2023/06/22 12:0 a.m.13 views

WordPress Tutor LMS Plugin < 2.2.1 is vulnerable to Broken Access Control

Software Tutor LMS Type Plugin Vulnerable versions 2.2.1 Fixed in 2.2.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-3133 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 46e68bdc901b Credits A. S. M. Muhiminul Hasan Required...

7.5CVSS6.5AI score0.00984EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder