cleantalk
Vulnerabilities and Security Researches

Tutor LMS – eLearning and online course solution, CVE-2025-32223

CVE, Research URL

CVE-2025-32223

Home page URL

Security reports for Tutor LMS – eLearning and online course solution

Application

Tutor LMS – eLearning and online course solution

Published on
Mar 19, 2026
Research Description
Authorization Bypass Through User-Controlled Key vulnerability in Themeum Tutor LMS tutor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tutor LMS: from n/a through <= 3.9.4.
Affected versions
max 3.9.5.
Status
vulnerable
Previous vulnerability researches
MDJM Event Management (CVE-2025-52824) , Jul 03, 2025
MDJM Event Management (CVE-2025-22714) , Jan 26, 2025
MDJM Event Management (CVE-2025-31074) , Apr 02, 2025
MDJM Event Management (CVE-2026-1650) , Apr 14, 2026
MDJM Event Management (CVE-2026-7537) , Jun 07, 2026
New vulnerability
WP Zoho for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms &#8211; CRM, Bigin (CVE-2025-49330) , Jun 13, 2026
Password Protected &#8211; Ultimate Plugin to Password Protect Your WordPress Content with Ease (CVE-2023-33999) , Jun 13, 2026
Responsive Contact Form Builder &amp; Lead Generation Plugin (CVE-2023-25969) , Jun 13, 2026
Tarot Card Oracle (CVE-2023-33999) , Jun 13, 2026
Page Builder: Pagelayer &#8211; Drag and Drop website builder (CVE-2026-2470) , Jun 13, 2026