2 matches found
CVE-2024-1133
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized access of restricted Q&A content due to a missing capability check when interacting with questions in all versions up to, and including, 2.6.0. This makes it possible for authenticated attacker...
CVE-2024-1133
The Tutor LMS WordPress plugin (versions up to and including 2.6.0) is vulnerable to unauthorized access of restricted Q&A content due to a missing capability check when interacting with questions.Authenticated users with subscriber access or higher can interact with questions in courses they are...