CVE-2026-1371 | Tutor LMS Plugin up to 3.9.5 on WordPress Coupon Details ajax_coupon_details authorization

Inserito da Angelo Barbosa | Feb 3, 2026 | CVE

A vulnerability described as problematic has been identified in Tutor LMS Plugin up to 3.9.5 on WordPress. This issue affects the function ajax_coupon_details of the component Coupon Details Handler. The manipulation results in missing authorization.

This vulnerability was named CVE-2026-1371. The attack may be performed from remote. There is no available exploit.

CVE-2026-1371 | Tutor LMS Plugin up to 3.9.5 on WordPress Coupon Details ajax_coupon_details authorization

Post correlati

CVE-2025-1161 | NomySost Nomysem up to May 2025 incorrect privileged apis

CVE-2024-4565 | Advanced Custom Fields Plugin up to 6.2 on WordPress Shortcode access control

CVE-2025-46709 | Imagination Graphics DDK up to 1.15 RTM/1.17 RTM/1.18 RTM/25.1 RTM1 use after free

CVE-2025-0342 | CampCodes Computer Laboratory Management System 1.0 /class/edit/edit s_lname cross site scripting