CVE-2026-5502 | themeum Tutor LMS Plugin up to 3.9.8 on WordPress tutor_update_course_content_order content_parent authorization

A vulnerability identified as critical has been detected in themeum Tutor LMS Plugin up to 3.9.8 on WordPress. This affects the function tutor_update_course_content_order. This manipulation of the argument content_parent causes missing authorization.

This vulnerability appears as CVE-2026-5502. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More