Description
WordPress Plugin Tutor LMS-eLearning and online course solution is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently add, modify, or delete data. WordPress Plugin Tutor LMS-eLearning and online course solution version 2.7.0 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.7.1 or latest
References
Related Vulnerabilities
WordPress Plugin Easy Digital Downloads-htaccess Editor Cross-Site Scripting (1.0.0)
WordPress Plugin Genesis Columns Advanced Cross-Site Scripting (2.0.3)
WordPress Plugin Kindeditor For WordPress Cross-Site Scripting (1.3.3)
WordPress Plugin Contact Form Email Cross-Site Scripting (1.3.24)
WordPress Plugin Customer Reviews for WooCommerce Cross-Site Scripting (5.16.0)