Skip to main content

Tutor Lms CVE-2024-4352

HIGH
Missing Authorization (CWE-862)
2024-05-16 security@wordfence.com
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
May 16, 2024 - 10:15 nvd
HIGH 8.8

DescriptionCVE.org

The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on the 'get_calendar_materials' function. The plugin is also vulnerable to SQL Injection via the ‘year’ parameter of that function due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

AnalysisAI

The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on the 'get_calendar_materials' function. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 23.3% and no vendor patch available.

Technical ContextAI

This vulnerability is classified as Missing Authorization (CWE-862), which allows attackers to access resources or perform actions without proper authorization checks. The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on the 'get_calendar_materials' function. The plugin is also vulnerable to SQL Injection via the ‘year’ parameter of that function due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Affected products include: Themeum Tutor Lms.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Implement role-based access control, validate authorization on every request server-side, apply principle of least privilege.

CVE-2024-1751 HIGH POC
8.8 Mar 13

The Tutor LMS - eLearning and online course solution plugin for WordPress is vulnerable to time-based SQL Injection via

CVE-2024-4351 HIGH
8.8 May 16

The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data

CVE-2021-24184 HIGH POC
8.8 Apr 05

Several AJAX endpoints in the Tutor LMS - eLearning and online course solution WordPress plugin before 1.7.7 were unprot

CVE-2024-10400 HIGH POC
7.5 Nov 21

The Tutor LMS plugin for WordPress is vulnerable to SQL Injection via the ‘rating_filter’ parameter in all versions up t

CVE-2023-3133 HIGH POC
7.5 Jul 04

The Tutor LMS WordPress plugin before 2.2.1 does not implement adequate permission checks for REST API endpoints, allowi

CVE-2026-12275 HIGH POC
7.1 Jul 13

Broken authorization in the Tutor LMS WordPress plugin (before 3.9.13) lets authenticated subscriber-level users bypass

CVE-2026-12274 MEDIUM POC
6.5 Jul 13

Broken object-level authorization in the Tutor LMS WordPress plugin before 3.9.13 allows any authenticated instructor-le

CVE-2021-24186 MEDIUM POC
6.5 Apr 05

The tutor_answering_quiz_question/get_answer_by_id function pair from the Tutor LMS - eLearning and online course soluti

CVE-2021-24185 MEDIUM POC
6.5 Apr 05

The tutor_place_rating AJAX action from the Tutor LMS - eLearning and online course solution WordPress plugin before 1.7

CVE-2021-24183 MEDIUM POC
6.5 Apr 05

The tutor_quiz_builder_get_question_form AJAX action from the Tutor LMS - eLearning and online course solution WordPress

CVE-2021-24182 MEDIUM POC
6.5 Apr 05

The tutor_quiz_builder_get_answers_by_question AJAX action from the Tutor LMS - eLearning and online course solution Wor

CVE-2021-24181 MEDIUM POC
6.5 Apr 05

The tutor_mark_answer_as_correct AJAX action from the Tutor LMS - eLearning and online course solution WordPress plugin

Share

CVE-2024-4352 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy