Security Advisory

CVE-2021-24242

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-04-22 21:00:51

Last updated 2024-08-03 19:21:18

Assigner WPScan

State PUBLISHED

Description

The Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.8 is affected by a local file inclusion vulnerability through the maliciously constructed sub_page parameter of the plugins Tools, allowing high privilege users to include any local php file

← Browse all CVEs View on cve.org ↗