The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized course content manipulation in versions up to and including 3.9.8. This is due to a missing authorization check in the tutor_update_course_content_order() function. The function only validates the nonce (CSRF protection) but does not verify whether the user has permission to manage course content. The can_user_manage() authorization check only executes when the 'content_parent' parameter is present in the request. When this parameter is omitted, the function proceeds directly to save_course_content_order() which manipulates the wp_posts table without any authorization validation. This makes it possible for authenticated attackers with subscriber-level access and above to detach all lessons from any topic, move lessons between topics, and modify the menu_order of course content, effectively allowing them to disrupt the structure of any course on the site.
Tutor LMS plugin for WordPress versions up to 3.9.8 contains an authorization bypass vulnerability allowing authenticated users to manipulate course content without proper permissions. Attackers can detach lessons, move content between topics, and modify course structure by omitting the content_parent parameter in requests.
يحتوي مكون Tutor LMS للتعليم الإلكتروني على ثغرة تجاوز التفويض في الإصدارات حتى 3.9.8 حيث تفتقد دالة tutor_update_course_content_order() فحص التفويض المناسب. يمكن للمستخدمين المصرح لهم بمستوى المشترك والأعلى التلاعب بمحتوى الدورة بما في ذلك فصل الدروس وتحريك المحتوى بين المواضيع عند حذف معامل content_parent من الطلب.
Tutor LMS WordPress plugin up to version 3.9.8 has an authorization bypass flaw enabling authenticated users to manipulate course content without proper permissions. Attackers can detach lessons, move content between topics, and modify course structure by omitting specific request parameters.
Update Tutor LMS plugin to version 3.9.9 or later immediately. Implement proper authorization checks for all course content manipulation functions regardless of parameter presence. Conduct security audit of all content management functions to ensure authorization validation is applied consistently.
قم بتحديث مكون Tutor LMS إلى الإصدار 3.9.9 أو أحدث فوراً. تطبيق فحوصات التفويض المناسبة لجميع وظائف معالجة محتوى الدورة بغض النظر عن وجود المعاملات. إجراء تدقيق أمني لجميع وظائف إدارة المحتوى لضمان تطبيق التحقق من التفويض بشكل متسق.