Tutor lms pro
This hub aggregates every CVE we track for Tutor lms pro, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.
9
CVEs tracked
2
Critical
6
High
0
In CISA KEV
Severity distribution
HIGH6CRITICAL2MEDIUM1
Monthly trend
0
1
0
0
0
0
0
0
0
0
0
0
0
1
0
1
0
0
0
0
2
0
0
1
2024-072026-06
Latest CVEs
The 9 most recently published vulnerabilities affecting Tutor lms pro.
- CVE-2026-22332WordPress Tutor LMS Pro plugin <= 3.9.6 - SQL Injection vulnerability9.3
- CVE-2026-25406WordPress Tutor LMS Pro plugin <= 3.9.4 - Broken Authentication vulnerability8.1
- CVE-2026-0953Tutor LMS Pro <= 3.9.5 - Authentication Bypass via Social Login9.8
- CVE-2025-6639Tutor LMS Pro – eLearning and online course solution <= 3.8.3 - Authenticated (Subscriber+) Insecure Direct Object Reference to View/Edit Other Assignments5.4
- CVE-2025-6184Tutor LMS Pro – eLearning and online course solution <= 3.7.0 - Authenticated (Tutor Instructor+) SQL Injection8.8
- CVE-2024-5784Tutor LMS Pro <= 2.7.2 - Missing Authorization to Authenticated (Subscriber+) Insecure Direct Object Reference7.1
- CVE-2024-4352Tutor LMS Pro <= 2.7.0 - Missing Authorization to SQL Injection8.8
- CVE-2024-4351Tutor LMS Pro <= 2.7.0 - Missing Authorization to Privilege Escalation8.8
- CVE-2024-4222Tutor LMS Pro <= 2.7.0 - Missing Authorization7.3
Product normalization is registry-driven with AI assist and human review. How it works