The Tutor LMS – Migration Tool plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tutor_import_from_xml function in all versions up to, and including, 2.2.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to import courses.
Metrics
Affected Vendors & Products
References
History
Thu, 19 Sep 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Themeum tutor Lms - Migration Tool
|
|
CPEs | cpe:2.3:a:themeum:tutor_lms_-_migration_tool:*:*:*:*:*:wordpress:*:* | |
Vendors & Products |
Themeum tutor Lms
|
Themeum tutor Lms - Migration Tool
|
Thu, 19 Sep 2024 14:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Themeum
Themeum tutor Lms |
|
CPEs | cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:* | |
Vendors & Products |
Themeum
Themeum tutor Lms |
MITRE
Status: PUBLISHED
Assigner: Wordfence
Published: 2024-07-27T01:51:01.443Z
Updated: 2024-08-01T18:48:22.025Z
Reserved: 2024-02-22T20:53:58.094Z
Link: CVE-2024-1804
Vulnrichment
Updated: 2024-08-01T18:48:22.025Z
NVD
Status : Modified
Published: 2024-07-27T02:15:10.060
Modified: 2024-11-21T08:51:21.513
Link: CVE-2024-1804
Redhat
No data.