Critical severity9.8NVD Advisory· Published May 16, 2024· Updated Apr 8, 2026
CVE-2024-4223
CVE-2024-4223
Description
The Tutor LMS plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to add, modify, or delete data.
Affected products
3- Range: <=2.7.0
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.