Known Vulnerabilities for Tutor LMS by Themeum
Listed below are 10 of the newest known vulnerabilities associated with "Tutor LMS" by "Themeum".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-57694 json | Authorization Bypass Through User-Controlled Key vulnerability in Themeum Tutor LMS tutor allows Exploiting Incorrectly Confi... | Not Provided | 2026-07-13 | 2026-07-13 |
| CVE-2026-40743 json | Unauthenticated Broken Access Control in Tutor LMS <= 3.9.7 versions. | Not Provided | 2026-06-15 | 2026-06-15 |
| CVE-2026-40740 json | Missing Authorization vulnerability in Themeum Tutor LMS tutor allows Exploiting Incorrectly Configured Access Control Securi... | Not Provided | 2026-04-15 | 2026-04-16 |
| CVE-2026-25406 json | Authentication Bypass Using an Alternate Path or Channel vulnerability in Themeum Tutor LMS Pro tutor-pro allows Authenticati... | Not Provided | 2026-03-25 | 2026-04-28 |
| CVE-2026-23799 json | Missing Authorization vulnerability in Themeum Tutor LMS tutor allows Exploiting Incorrectly Configured Access Control Securi... | Not Provided | 2026-03-05 | 2026-04-28 |
| CVE-2026-22332 json | Unauthenticated SQL Injection in Tutor LMS Pro <= 3.9.6 versions. | Not Provided | 2026-06-17 | 2026-06-17 |
| CVE-2026-13443 json | The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via ... | Not Provided | 2026-07-01 | 2026-07-01 |
| CVE-2026-12275 json | The Tutor LMS WordPress plugin before 3.9.13 does not, in its Droip and Kirki page-builder integration, perform the enrollme... | Not Provided | 2026-07-13 | 2026-07-13 |
| CVE-2026-12274 json | The Tutor LMS WordPress plugin before 3.9.13 does not verify that the requesting user is allowed to edit a target post befor... | Not Provided | 2026-07-13 | 2026-07-13 |
| CVE-2026-12273 json | The Tutor LMS WordPress plugin before 3.9.13 does not perform any authorization or post-target validation before creating a ... | Not Provided | 2026-07-13 | 2026-07-13 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Themeum | Tutor Lms | 1.5.3 | |||
| Application | Themeum | Tutor Lms | 1.5.2 | |||
| Application | Themeum | Tutor Lms | 1.5.1 | |||
| Application | Themeum | Tutor Lms | 1.5.0 | |||
| Application | Themeum | Tutor Lms | 1.4.9 | |||
| Application | Themeum | Tutor Lms | 1.4.8 | |||
| Application | Themeum | Tutor Lms | 1.4.7 | |||
| Application | Themeum | Tutor Lms | 1.4.6 | |||
| Application | Themeum | Tutor Lms | 1.4.5 | |||
| Application | Themeum | Tutor Lms | 1.4.4 | |||
| Application | Themeum | Tutor Lms | 1.4.3 | |||
| Application | Themeum | Tutor Lms | 1.4.2 | |||
| Application | Themeum | Tutor Lms | 1.4.1 | |||
| Application | Themeum | Tutor Lms | 1.4.0 | |||
| Application | Themeum | Tutor Lms | 1.3.9 | |||
| Application | Themeum | Tutor Lms | 1.3.8 | |||
| Application | Themeum | Tutor Lms | 1.3.7 | |||
| Application | Themeum | Tutor Lms | 1.3.6 | |||
| Application | Themeum | Tutor Lms | 1.3.5 | |||
| Application | Themeum | Tutor Lms | 1.3.4 |