Lucene search
K

5 matches found

NVD
NVD
added 2024/05/16 9:15 a.m.32 views

CVE-2024-4223

The Tutor LMS plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to add, modify, or delete...

9.8CVSS9.4AI score0.00517EPSS
Exploits0References2
CVE
CVE
added 2024/05/16 8:32 a.m.67 views

CVE-2024-4223

CVE-2024-4223 affects Tutor LMS – eLearning and online course solution (WordPress plugin) up to version 2.7.0. A missing capability check enables unauthenticated attackers to add, modify, or delete data via HTTP requests (network vector). Wordfence lists a patched status for this CVE, indicating ...

9.8CVSS6.6AI score0.00517EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/05/16 8:32 a.m.43 views

CVE-2024-4223 Tutor LMS <= 2.7.0 - Missing Authorization

The Tutor LMS plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to add, modify, or delete...

9.8CVSS9.5AI score0.00517EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/16 8:32 a.m.16 views

CVE-2024-4223 Tutor LMS <= 2.7.0 - Missing Authorization

The Tutor LMS plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to add, modify, or delete...

9.8CVSS6.8AI score0.00517EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/05/16 12:0 a.m.15 views

WordPress Tutor LMS Plugin <= 2.7.0 is vulnerable to Broken Access Control

Software Tutor LMS Type Plugin Vulnerable versions = 2.7.0 Fixed in 2.7.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-4223 Patch priority High CVSS severity High 8.6 Developer Claim ownership PSID 86348e33f1ae Credits villu164 Required privilege...

9.8CVSS6.5AI score0.00517EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder