CVE-2025-13628 | Tutor LMS Plugin up to 3.9.3 on WordPress bulk_action_handler/coupon_permanent_delete authorization

A vulnerability was found in Tutor LMS Plugin up to 3.9.3 on WordPress. It has been declared as problematic. Affected by this issue is the function bulk_action_handler/coupon_permanent_delete. Such manipulation leads to missing authorization.

This vulnerability is referenced as CVE-2025-13628. It is possible to launch the attack remotely. No exploit is available.VulDB Recent EntriesRead More