CVE-2024-1804 – The Tutor LMS – Migration Tool plugin for WordPress is vulnerable to unauthorized …

27 July 2024

Vuln ID: CVE-2024-1804

Published: 2024-07-27 02:15:10.060

Description: The Tutor LMS – Migration Tool plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tutor_import_from_xml function in all versions up to, and including, 2.2.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to import courses.

Base Score: 4.3 – MEDIUM

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Source: NVD.NIST.GOV

Date:

27 July 2024

Categorie(s):

NVD

Tag(s):

NVD

Sinister SpyAgent Android Malware Uses Optics To Crack Your Crypto Wallet7 September 2024
Despite cyberattacks, water security standards remain a pipe dream7 September 2024
Hackers Threaten to Leak Planned Parenthood Data7 September 2024
Protect AI Democratizes AI Security Training with Free MLSecOps Foundations Online Learning Course 7 September 2024
North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams7 September 2024