CVE-2020-8615

Medium

A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker approving themselves as an instructor and…

mitre·CWE-352·Published 2020-02-04

CVSS

6.5

EPSS

0.09

KEV

Exploits

cve.orgen

217 chars

A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker approving themselves as an instructor and performing other malicious actions (such as blocking legitimate instructors).

NVDen

217 chars

NVDes

247 chars

Una vulnerabilidad de tipo CSRF en el plugin Tutor LMS versiones anteriores a 1.5.3 para WordPress, puede resultar en que un atacante se apruebe como instructor y lleve a cabo otras acciones maliciosas (tales como bloquear instructores legítimos).

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	2.6	4.9	2.9	AV:N/AC:H/Au:N/C:N/I:P/A:N
3.1	Primary	NVD	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N