Quote:Security vulnerabilities in Tutor LMS, a WordPress plugin installed on more than 20,000 sites, open the door to information theft and privilege escalation, according to researchers.
 
Tutor LMS is a learning-management system for educators that allows them to digitally reach their students. It supports course-building, student forums, multimedia classes and more. According to an analysis from Wordfence, there are five critical SQL-injection flaws in the plugin, and at least one high-severity bug stemming from unprotected AJAX endpoints.
 
The former “make it possible for attackers to obtain information stored in a site’s database, including user credentials, site options and other sensitive information,” researchers explained, in a posting this week.
 
The remaining flaws allow authenticated attackers to elevate user privileges and alter course content and settings, through the use of various AJAX actions.
 
Site administrators should update to the patched version, Tutor LMS v.1.8.3.

The five SQL-injection vulnerabilities all rate 6.5 out of 10 on the CVSS vulnerability-rating scale, making them medium in severity. CVEs are pending for all.