CVE-2020-8615
A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker approving themselves as an instructor and performing other malicious actions (such as blocking legitimate instructors).
| Software | From | Fixed in |
|---|---|---|
| themeum / tutor_lms | - | 1.5.3 |
- http://packetstormsecurity.com/files/156585/WordPress-Tutor-LMS-1.5.3-Cross-Site-Request-Forgery.html
- https://wpvulndb.com/vulnerabilities/10058
- https://www.getastra.com/blog/911/plugin-exploit/cross-site-request-forgery-in-tutor-lms-plugin/
- https://www.jinsonvarghese.com/cross-site-request-forgery-in-tutor-lms/
- https://www.themeum.com/tutor-lms-updated-v1-5-3/
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime