Lucene search

WordfenceVULNRICHMENT:CVE-2024-5784

HistoryAug 30, 2024 - 3:24 a.m.

CVE-2024-5784 Tutor LMS Pro <= 2.7.2 - Missing Authorization to Authenticated (Subscriber+) Insecure Direct Object Reference

2024-08-3003:24:16

CWE-862

Wordfence

github.com

cve-2024-5784

wordpress

authorization

insecure direct object reference

vulnerability

subscriber access

CVSS3

7.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N

AI Score

6.7

Confidence

Low

EPSS

Percentile

14.1%

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized administrative actions execution due to a missing capability checks on multiple functions like treport_quiz_atttempt_delete and tutor_gc_class_action in all versions up to, and including, 2.7.2. This makes it possible for authenticated attackers, with the subscriber-level access and above, to preform an administrative actions on the site, like comments, posts or users deletion, viewing notifications, etc.

References

tutorlms.com/releases/id/299/

www.wordfence.com/threat-intel/vulnerabilities/id/aa5c23ed-7239-40e1-a795-1ae8d4c2d6c8?source=cve

CVSS3

7.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N

AI Score

6.7

Confidence

Low

EPSS

Percentile

14.1%

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

Related for VULNRICHMENT:CVE-2024-5784