Vulnerabilities > CVE-2021-24184 - Unspecified vulnerability in Themeum Tutor LMS

047910
CVSS 8.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
themeum

Summary

Several AJAX endpoints in the Tutor LMS – eLearning and online course solution WordPress plugin before 1.7.7 were unprotected, allowing students to modify course information and elevate their privileges among many other actions.

Vulnerable Configurations

Part Description Count
Application
Themeum
67