Description

ATutor versions 2.2.1 and earlier are vulnerable to an incorrect access control check vulnerability in the Social Application component resulting in privilege escalation. ATutor versions 2.2.1 and earlier are vulnerable to an incorrect access control check vulnerability in the Module component resulting in privilege escalation. ATutor versions 2.2.1 and earlier are vulnerable to a incorrect access control check vulnerability in the Alternative Content component resulting in privilege escalation.

Remediation

References

CVE-2017-1000003

Related Vulnerabilities

WordPress Plugin Age Verify Cross-Site Scripting (0.2.8)

WordPress Plugin Greenshift-animation and page builder blocks Cross-Site Scripting (4.9.9)

WordPress Plugin YITH Pre-Order for WooCommerce Security Bypass (1.1.9)

WordPress Plugin Simple Popup Newsletter Cross-Site Scripting (1.4.7)

WordPress Plugin Rich Reviews Multiple Vulnerabilities (1.7.3)

Severity

Critical

Classification

CVE-2017-1000003 CWE-269 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities