Lucene search
K

4 matches found

CVE
CVE
added 2024/05/16 9:32 a.m.79 views

CVE-2024-4222

CVE-2024-4222 affects the Tutor LMS Pro WordPress plugin. A missing capability check in multiple functions allows unauthenticated attackers to add, modify or delete user meta and plugin options across versions up to 2.7.0. The issue enables unauthorized data access/modification and data loss. Rem...

8.2CVSS6.6AI score0.00329EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/16 9:32 a.m.20 views

CVE-2024-4222 Tutor LMS Pro <= 2.7.0 - Missing Authorization

The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to add, modify, or dele...

7.3CVSS6.8AI score0.00329EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/16 9:32 a.m.29 views

CVE-2024-4222 Tutor LMS Pro <= 2.7.0 - Missing Authorization

The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to add, modify, or dele...

7.3CVSS7.4AI score0.00329EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/05/16 12:0 a.m.15 views

WordPress Tutor LMS Pro Plugin <= 2.7.0 is vulnerable to Broken Access Control

Software Tutor LMS Pro Type Plugin Vulnerable versions = 2.7.0 Fixed in 2.7.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-4222 Patch priority High CVSS severity High 7.3 Developer Claim ownership PSID 2853424c7113 Credits villu164 Required privilege...

8.2CVSS6.5AI score0.00329EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder