PT-2026-3963 · Themeum · Tutor Lms

Published

2026-01-22

Updated

2026-01-25

CVE-2025-47555

CVSS v3.1

3.8

Low

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Themeum Tutor LMS versions through 3.9.4

Description An authorization bypass exists due to incorrectly configured access control security levels in Themeum Tutor LMS. This allows exploitation through a user-controlled key.

Recommendations Update Themeum Tutor LMS to a version later than 3.9.4.

Fix

IDOR

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-639

Related Identifiers

CVE-2025-47555

Affected Products

Tutor Lms

PT-2026-3963 · Themeum · Tutor Lms

CVE-2025-47555

Weakness Enumeration

Related Identifiers

Affected Products

References · 3