cleantalk
Vulnerabilities and Security Researches

Tutor LMS – eLearning and online course solution, CVE-2025-47555

CVE, Research URL

CVE-2025-47555

Home page URL

Security reports for Tutor LMS – eLearning and online course solution

Application

Tutor LMS – eLearning and online course solution

Published on
Jan 22, 2026
Research Description
Authorization Bypass Through User-Controlled Key vulnerability in Themeum Tutor LMS tutor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tutor LMS: from n/a through <= 3.9.4.
Affected versions
max 3.9.4.
Status
vulnerable
Previous vulnerability researches
Tutor LMS BunnyNet Integration (CVE-2026-24584) , Jan 28, 2026
Tutor LMS &#8211; Migration Tool (CVE-2024-1804) , Jul 28, 2024
Tutor LMS &#8211; Migration Tool (CVE-2024-1798) , Jul 28, 2024
Tutor LMS Elementor Addons (CVE-2024-5576) , Aug 21, 2024
Tutor LMS Elementor Addons (CVE-2024-53816) , Dec 11, 2024
New vulnerability
Magical Addons For Elementor ( Header Footer Builder, Free Elementor Widgets, Elementor Templates Library ) (CVE-2026-32429) , Mar 30, 2026
Pochipp (CVE-2026-32417) , Mar 30, 2026
Contact Manager (CVE-2026-32517) , Mar 30, 2026
Contact Manager (CVE-2025-68853) , Mar 30, 2026
Bus Ticket Booking with Seat Reservation – WpBusTicketly | WordPress plugin (CVE-2026-27095) , Mar 30, 2026