Description
WordPress Plugin Tutor LMS-eLearning and online course solution is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently delete arbitrary posts. WordPress Plugin Tutor LMS-eLearning and online course solution version 2.6.1 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.6.2 or latest
References
Related Vulnerabilities
WordPress Plugin Photospace Gallery Cross-Site Scripting (2.3.5)
WordPress Plugin WPJobBoard SQL Injection (5.6.4)
Contao CVE-2024-28234 Vulnerability (CVE-2024-28234)
MySQL Other Vulnerability (CVE-2004-0837)
PHP Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-1868)