CVE-2024-4223

9.8 CRITICAL

📋 TL;DR

The Tutor LMS WordPress plugin has a missing capability check vulnerability that allows unauthenticated attackers to add, modify, or delete data. This affects all versions up to and including 2.7.0. Any WordPress site using the vulnerable Tutor LMS plugin is at risk.

💻 Affected Systems

Products:
  • Tutor LMS WordPress Plugin
Versions: All versions up to and including 2.7.0
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all WordPress installations with Tutor LMS plugin enabled, regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete site compromise including data destruction, content manipulation, and potential privilege escalation leading to full administrative control.

🟠 Likely Case: Unauthorized data modification or deletion, content defacement, and potential injection of malicious content.

🟢 If Mitigated: Limited impact with proper network segmentation and access controls, but still vulnerable to data manipulation.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The vulnerability is in multiple functions with missing capability checks, making exploitation straightforward for attackers.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.7.1

Vendor Advisory: https://plugins.trac.wordpress.org/changeset/3086489/

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find Tutor LMS and click 'Update Now'.
4. Verify the version is 2.7.1 or higher.

🔧 Temporary Workarounds

Disable Tutor LMS Plugin (applies to: all)

Temporarily disable the vulnerable plugin until patching is possible.

wp plugin deactivate tutor

Restrict WordPress Admin Access (applies to: all)

Limit access to the WordPress admin interface to trusted IP addresses only.

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to block suspicious Tutor LMS API requests
  • Enable detailed logging for all Tutor LMS plugin activities and monitor for unauthorized access attempts

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > Tutor LMS version. If version is 2.7.0 or lower, you are vulnerable.

Check Version:

wp plugin get tutor --field=version

Verify Fix Applied:

After updating, confirm Tutor LMS version is 2.7.1 or higher in WordPress admin panel.
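As an added example (not part of the original advisory), a small POSIX shell helper that takes the version string WP-CLI reports and decides whether the site still falls in the affected range (2.7.0 or lower) or carries the 2.7.1 fix; the WordPress root path argument and the helper function names are assumptions.

```shell
#!/bin/sh
# Added example: version gate for CVE-2024-4223 (Tutor LMS <= 2.7.0 affected, 2.7.1 fixed).
# Assumptions: WP-CLI ("wp") is installed; the WordPress root path is passed as an argument.

# Compare two dotted version strings numerically and print -1, 0 or 1.
# Non-numeric suffixes such as "-rc1" are ignored; missing components count as 0.
version_cmp() {
  a="$1"; b="$2"
  while [ -n "$a" ] || [ -n "$b" ]; do
    ap=${a%%.*}; bp=${b%%.*}
    if [ "$a" = "$ap" ]; then a=""; else a=${a#*.}; fi
    if [ "$b" = "$bp" ]; then b=""; else b=${b#*.}; fi
    ap=${ap%%[!0-9]*}; bp=${bp%%[!0-9]*}
    ap=${ap:-0}; bp=${bp:-0}
    if [ "$ap" -lt "$bp" ]; then printf '%s\n' -1; return 0; fi
    if [ "$ap" -gt "$bp" ]; then printf '%s\n' 1; return 0; fi
  done
  printf '%s\n' 0
}

# True (exit 0) when the given Tutor LMS version is below the 2.7.1 fix release.
tutor_is_vulnerable() {
  [ "$(version_cmp "$1" "2.7.1")" -lt 0 ]
}

# Query a live site through WP-CLI and report; exit 1 = vulnerable, 2 = plugin not found.
check_site() {
  v=$(wp plugin get tutor --field=version --path="$1" 2>/dev/null) || {
    echo "Tutor LMS (slug 'tutor') not installed at $1"; return 2; }
  if tutor_is_vulnerable "$v"; then
    echo "VULNERABLE: Tutor LMS $v at $1 (update to 2.7.1 or later)"; return 1
  fi
  echo "OK: Tutor LMS $v at $1"
}

# Usage: ./check_tutor.sh /var/www/html   (the path is an assumed example)
if [ -n "${1:-}" ]; then check_site "$1"; fi
```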

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized POST requests to Tutor LMS endpoints
  • Unexpected data modifications in Tutor LMS tables
  • Failed capability checks in WordPress debug logs

Network Indicators:

  • Unusual traffic patterns to /wp-content/plugins/tutor-lms/ endpoints
  • POST requests to Tutor LMS API from unauthenticated sources

SIEM Query:

source="wordpress.log" AND ("tutor" OR "tutor-lms") AND ("POST" OR "unauthorized" OR "capability_check")
