Security Advisory

CVE-2021-24184

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-04-05 18:27:45
Last updated 2024-08-03 19:21:18
Assigner WPScan
State PUBLISHED

Description

Several AJAX endpoints in the Tutor LMS – eLearning and online course solution WordPress plugin before 1.7.7 were unprotected, allowing students to modify course information and elevate their privileges among many other actions.