Critical Vulnerability Affects Tutor LMS Pro WordPress Plugin

An advisory was issued about a critical vulnerability in the popular Tutor LMS Pro WordPress plugin. The vulnerability, rated 8.8 on a scale of 1 to 10, allows an authenticated attacker to extract sensitive information from the WordPress database. The vulnerability affects all versions up to and including 3.7.0.

Tutor LMS Pro Vulnerability

The vulnerability results from improper handling of user-supplied data, enabling attackers to inject SQL code into a database query. The Wordfence advisory explains:

“The Tutor LMS Pro – eLearning and online…