CVE-2026-40743MEDIUM NVDCVSS Score 6.5Severity MEDIUMPublished Jun 15, 2026Vendor unknownDescriptionUnauthenticated Broken Access Control in Tutor LMS <= 3.9.7 versions.Referenceshttps://patchstack.com/database/wordpress/plugin/tutor/vulnerability/wordpress-tutor-lms-plugin-3-9-7-broken-access-control-vulnerability-2?_s_id=cve