CVE-2024-4351

HIGH EXPLOITED

Tutor LMS Pro <= 2.7.0 - Authenticated Missing Authorization in Authenticate Function


Exploitation Summary

CVE-2024-4351 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including ZSECURE.

AI-analyzed exploit summary
The PoC generates a malicious .url shortcut file that exploits CVE-2024-4351 by pointing to a remote SMB share, likely triggering arbitrary code execution via Windows shortcut file handling. The script is minimal but functional, demonstrating the core exploit mechanism.

Description

The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on the 'authenticate' function in all versions up to, and including, 2.7.0. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to gain control of an existing administrator account.

Exploits (1)

nomisec WORKING POC
by ZSECURE · poc
https://github.com/ZSECURE/CVE-2024-4351

Classification
Working PoC 90%
Attack Type
RCE
Complexity
Trivial
Reliability
Reliable
Target: Windows (specific version unclear, likely Windows 10/11 or Server 2019/2022)
No auth needed
Prerequisites: Victim interaction (e.g., opening the .url file) · Network access to attacker-controlled SMB share
devstral-2 · analyzed Feb 18, 2026

Scores

CVSS v3 8.8
EPSS 0.0102
EPSS Percentile 58.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

VulnCheck KEV 2024-05-16
CWE
CWE-862 CWE-89
Status published
Products (2)
themeum/Tutor LMS Pro < 2.7.0
themeum/tutor_lms < 2.7.1
Published May 16, 2024
Tracked Since Feb 18, 2026