CVE-2023-25799

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-25799

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-25799.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-25799

Withdrawn

2025-01-25T02:46:16.925364Z

Published

2024-06-11T10:15:10Z

Modified

2025-01-14T11:35:08.378253Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Missing Authorization vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.1.8.

References

https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-1-10-multiple-student-broken-access-control-vulnerability?_s_id=cve

Affected packages

Git / github.com/themeum/tutor

Affected ranges

Type: GIT
Repo: https://github.com/themeum/tutor
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

338519694fa1379c8fa45e61e5cf01b9f67127d3

Affected versions

1.*

1.4.6

1.6.7

1.6.9

v.*

v.1.6.5

v1.*

v1.0.0

v1.0.0-alpha

v1.0.1

v1.0.2

v1.0.3

v1.0.4

v1.0.5

v1.0.6

v1.0.7

v1.0.8

v1.0.9

v1.1.0

v1.1.1

v1.2.0

v1.2.1

v1.2.11

v1.2.12

v1.2.13

v1.2.20

v1.3.0

v1.3.1

v1.3.2

v1.3.3

v1.3.4

v1.3.5

v1.3.6

v1.3.7

v1.3.8

v1.3.9

v1.4.0

v1.4.1

v1.4.2

v1.4.3

v1.4.4

v1.4.5

v1.4.6

v1.4.7

v1.4.8

v1.4.9

v1.5.0

v1.5.1

v1.5.2

v1.5.3

v1.5.4

v1.5.5

v1.5.6

v1.5.7

v1.5.8

v1.6.1

v1.6.2

v1.6.6

v1.7.0

v1.7.1

v1.7.2

v1.7.3

v1.7.4

v1.7.5

v1.7.6

v1.7.8

v1.7.9

v1.8.0

v1.8.1

v1.8.10

v1.8.2

v1.8.3

v1.8.4

v1.8.5

v1.8.6

v1.8.7

v1.8.8

v1.8.9

v1.9.0

v1.9.1

v1.9.10

v1.9.11

v1.9.12

v1.9.13

v1.9.14

v1.9.15

v1.9.16

v1.9.2

v1.9.3

v1.9.4

v1.9.5

v1.9.6

v1.9.7

v1.9.8

v1.9.9

v2.*

v2.0.0-beta

v2.0.0-beta.2

v2.0.0-beta.3

v2.0.0-rc

v2.0.1

v2.0.2

v2.0.3

v2.0.4

v2.0.5

v2.0.6

v2.0.7

v2.0.8

v2.0.9

v2.1.0

v2.1.1

v2.1.2

v2.1.3

v2.1.4

v2.1.5

v2.1.6

v2.1.7

v2.1.8