Tutor LMS
cpe:2.3:a:themeum:tutor_lms:*:*:*:*:wordpress:*:*
- <= 3.9.3
A vulnerability exists in the Tutor LMS WordPress plugin, specifically in versions up to and including 3.9.3, allowing unauthorized course enrollment. This issue arises from a lack of proper capability checks and validation of course purchasability in the 'course_enrollment()' AJAX handler. As a result, authenticated users with subscriber-level access or higher can enroll themselves in any course without completing the required purchase process.
Exploitation of this vulnerability allows authenticated users with subscriber-level access and above to enroll in courses without payment, bypassing the intended purchase process.
Users are advised to update the Tutor LMS plugin to version 3.9.4 or a later patched version.
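The root cause described above is an AJAX enrollment handler that neither checks the caller's capability nor verifies that a paid course has actually been purchased. The following PHP is an added illustration written for this page, not Tutor LMS code, of how a WordPress AJAX enrollment handler looks once both checks are in place. Everything prefixed `example_` (the action name, the handler, the helper functions and the meta keys) is hypothetical; only the WordPress core APIs (`add_action`, `check_ajax_referer`, `is_user_logged_in`, `absint`, `get_post_type`, `current_user_can`, `get_post_meta`, `get_user_meta`, `wp_send_json_error`, `wp_send_json_success`) are real.

```php
<?php
// Added example (not Tutor LMS code): an AJAX enrollment handler with the
// checks the advisory says were missing. All example_* names and the
// '_example_*' meta keys are hypothetical placeholders.

add_action( 'wp_ajax_example_course_enroll', 'example_enroll_handler' );

function example_enroll_handler() {
    // Reject forged cross-site requests; the nonce action name is an assumption.
    check_ajax_referer( 'example_enroll_nonce', 'nonce' );

    // Only logged-in users may enrol; wp_ajax_ hooks already require this,
    // but an explicit check keeps the handler safe if it is ever re-used.
    if ( ! is_user_logged_in() ) {
        wp_send_json_error( array( 'message' => 'Authentication required.' ), 401 );
    }

    // Validate the course id: must be a positive integer pointing at a course post.
    $course_id = isset( $_POST['course_id'] ) ? absint( $_POST['course_id'] ) : 0;
    if ( ! $course_id || 'example_course' !== get_post_type( $course_id ) ) {
        wp_send_json_error( array( 'message' => 'Invalid course.' ), 400 );
    }

    $user_id = get_current_user_id();

    // Purchasability check: a paid course may only be joined after a recorded
    // purchase, unless the caller is an administrator. Without this branch a
    // subscriber could enrol in any course without paying.
    if ( example_course_requires_purchase( $course_id )
        && ! example_user_has_purchased( $user_id, $course_id )
        && ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'Course must be purchased first.' ), 403 );
    }

    example_enroll_user( $user_id, $course_id );
    wp_send_json_success( array( 'course_id' => $course_id ) );
}

// Hypothetical: a course is purchasable when its stored price is above zero.
function example_course_requires_purchase( $course_id ) {
    $price = (float) get_post_meta( $course_id, '_example_price', true );
    return $price > 0;
}

// Hypothetical purchase record; a real plugin would consult its order tables.
function example_user_has_purchased( $user_id, $course_id ) {
    return (bool) get_user_meta( $user_id, '_example_purchased_' . $course_id, true );
}

// Hypothetical enrollment record, written only after the checks above pass.
function example_enroll_user( $user_id, $course_id ) {
    add_user_meta( $user_id, '_example_enrolled_' . $course_id, time(), true );
}
```

The design point is that the enrollment write happens only after three independent gates: request authenticity (nonce), caller identity and role (`is_user_logged_in`/`current_user_can`), and business-rule validation (the course's price and the user's purchase record). Dropping any one of them reproduces the class of issue described above.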