CVE-2021-24242

The Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.8 is affected by a local file inclusion vulnerability through the maliciously constructed sub_page parameter of the plugin's Tools, allowing high privilege users to include any local php file
References
Configurations

Configuration 1

cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*

Information

Published : 2021-04-22 09:15

Updated : 2021-04-30 01:14


NVD link : CVE-2021-24242

Mitre link : CVE-2021-24242

Products Affected
CWE