CVE-2024-1804 | Tutor LMS Plugin up to 2.2.0 on WordPress tutor_import_from_xml authorization

Inserito da Angelo Barbosa | Lug 26, 2024 | CVE

A vulnerability was found in Tutor LMS Plugin up to 2.2.0 on WordPress. It has been classified as critical. This affects the function tutor_import_from_xml. The manipulation leads to missing authorization.

This vulnerability is uniquely identified as CVE-2024-1804. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-1804 | Tutor LMS Plugin up to 2.2.0 on WordPress tutor_import_from_xml authorization

Post correlati

CVE-2024-36257 | Mattermost up to 9.5.5/9.8.0 Shared Channel access control

CVE-2024-37148 | glpi-project glpi up to 10.0.15 sql injection (GHSA-p626-hph9-p6fj)

CVE-2024-36025 | Linux Kernel up to 5.15.155/6.1.86/6.6.27/6.8.6 scsi qla_edif_app_getstats elem[] off-by-one

CVE-2024-9232 | Download Plugins and Themes in ZIP from Dashboard Plugin cross site scripting