Security threats in Skillate theme modal

  • Resolved thanujan2410

    (@thanujan2410)


    1 year, 5 months ago

    Hi!

    I am experiencing compatibility issues between Tutor LMS Pro and the Skillate paid theme. There are three main problems that require attention:

    1. Two-factor authentication (2FA) is functional on Tutor pages, but it does not work with the Skillate login modal. Although we receive the OTP via email when 2FA is enabled, there is no field provided in the modal form to input the OTP.
    2. The reCaptcha authentication feature is not working on the Skillate login modal. Even though reCaptcha is enabled for WordPress pages and Tutor login pages, we are encountering spam bot user registrations every 30 minutes due to this vulnerability in the Skillate login modal. This poses a significant security threat to the site.
    3. The mobile splash screen of Skillate is not functioning correctly. When we click on the login/sign-up option from the splash screen, some fields of the forms are positioned behind, preventing the login/registration process from proceeding smoothly.

    I highly appreciate the introduction of 2FA in Tutor LMS, but we need a parallel update for the Skillate theme to ensure seamless integration and efficient use.

    I already contacted Themeum in early May, and they mentioned that these issues would be addressed in the forthcoming Skillate updates. However, the recent update does not seem to have resolved these vulnerabilities. I kindly request urgent solutions to mitigate these security threats.

    Thank you for your prompt attention to these matters.

Viewing 3 replies - 1 through 3 (of 3 total)

  • Dear @thanujan2410

    This forum is specifically for discussing Tutor LMS. If you have any issues related to the Skillate theme, we recommend reaching out to the theme’s support team at Themeum for assistance.

    Thank you

    Thread Starter thanujan2410

    (@thanujan2410)

    Dear @largbasket,

    Thank you for your response. We are experiencing spam registrations on our WordPress site having “Tutor LMS Pro by Themeum,” although the reCAPTCHA is enabled in the “Tutor LMS” settings. Spam registrations occur every 30 minutes if “Anyone can register” is enabled in WordPress settings. 2FA in “Tutor LMS” is not working at all with the premium theme “Skillate,” also sold by Themeum; thus couldn’t enable this feature. Kindly let us know how we can avoid these spam registrations in other ways in “Tutor LMS”.

    Thank you.

    Dear @thanujan2410

    Spam registrations can occur due to various reasons, and it’s important to address them promptly to ensure the security and integrity of your website. Here are some steps you can take to mitigate spam registrations:

    1. Check for malware or security vulnerabilities: Perform a thorough security scan of your website to check for any malware or security vulnerabilities. You can use security plugins like Wordfence or Sucuri to scan your site and identify any potential issues.
    2. Update plugins and themes: Ensure that both the “Tutor LMS Pro” plugin and the “Skillate” theme are up to date. Outdated versions may have security vulnerabilities that can be exploited by spammers. Update them to the latest versions available.
Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Security threats in Skillate theme modal’ is closed to new replies.