Vulnerability CVE-2024-4223
Published: 2024-05-16

Description:
The Tutor LMS plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to add, modify, or delete data.

 References:
https://www.wordfence.com/threat-intel/vulnerabilities/id/ce4c4395-6d1a-4d5f-885f-383e5c44c0f8?source=cve
https://plugins.trac.wordpress.org/changeset/3086489/
Copyright 2026, cxsecurity.com

 

Back to Top