3 matches found
CVE-2024-4351
creationtimestamp| type| source ---|---|--- 2024-11-13 18:13:44+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113477000944740643 2024-11-14 11:04:07+00:00| published-proof-of-concept| https://t.me/cKure/13907...
CVE-2024-4351 Tutor LMS Pro <= 2.7.0 - Missing Authorization to Privilege Escalation
The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on the 'authenticate' function in all versions up to, and including, 2.7.0. This makes it possible for authenticated attackers, with...
WordPress Tutor LMS Pro Plugin <= 2.7.0 is vulnerable to Privilege Escalation
Software Tutor LMS Pro Type Plugin Vulnerable versions = 2.7.0 Fixed in 2.7.1 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-4351 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID fc3d215c9303 Credits villu164...