CVE-2024-10897

Tutor LMS Elementor Addons <= 2.1.5 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Installation

CVSS 4.3 MEDIUMEPSS 0.3%CWE-862

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 4.3EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

15 Nov 2024Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

The Tutor LMS Elementor Addons plugin for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check on the install_etlms_dependency_plugin() function in all versions up to, and including, 2.1.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install Elementor or Tutor LMS. Please note the impact of this issue is incredibly limited due to the fact that these two plugins will likely already be installed as a dependency of the plugin.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Affected products

themeum · Tutor LMS Elementor Addons

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://plugins.trac.wordpress.org/browser/tutor-lms-elementor-addons/trunk/classes/Installer.php#L152 https://plugins.trac.wordpress.org/changeset/3186320/tutor-lms-elementor-addons/trunk/classes/Installer.php https://www.wordfence.com/threat-intel/vulnerabilities/id/99edd858-5e2c-4cc5-adda-d8e70ddc86f6?source=cve