Medium severity6.5NVD Advisory· Published Feb 4, 2020· Updated Jun 17, 2026
CVE-2020-8615
CVE-2020-8615
Description
A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker approving themselves as an instructor and performing other malicious actions (such as blocking legitimate instructors).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Tutor LMS plugindescription
Patches
Vulnerability mechanics
References
5- packetstormsecurity.com/files/156585/WordPress-Tutor-LMS-1.5.3-Cross-Site-Request-Forgery.htmlnvdExploitThird Party AdvisoryVDB Entry
- wpvulndb.com/vulnerabilities/10058nvdThird Party Advisory
- www.getastra.com/blog/911/plugin-exploit/cross-site-request-forgery-in-tutor-lms-plugin/nvdThird Party Advisory
- www.jinsonvarghese.com/cross-site-request-forgery-in-tutor-lms/nvdThird Party Advisory
- www.themeum.com/tutor-lms-updated-v1-5-3/nvdRelease NotesVendor Advisory
News mentions
0No linked articles in our index yet.