Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistWPScanCVELIST:CVE-2022-2379
HistoryAug 15, 2022 - 8:37 a.m.

CVE-2022-2379 Easy Student Results <= 2.2.8 - Sensitive Information Disclosure via REST API

2022-08-1508:37:23
CWE-862
WPScan
www.cve.org
1
easy student results
wordpress plugin
unauthorized access
rest api
sensitive information disclosure
cve-2022-2379
student data
pii

0.028 Low

EPSS

Percentile

90.8%

JSON

The Easy Student Results WordPress plugin through 2.2.8 lacks authorisation in its REST API, allowing unauthenticated users to retrieve information related to the courses, exams, departments as well as student’s grades and PII such as email address, physical address, phone number etc

CNA Affected

[
  {
    "product": "Easy Student Results",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThanOrEqual": "2.2.8",
        "status": "affected",
        "version": "2.2.8",
        "versionType": "custom"
      }
    ]
  }
]

Related

patchstack 1
wpvulndb 1
wpexploit 1
nvd 1
nuclei 1
cve 1
prion 1
patchstack
patchstack
WordPress Easy Student Results plugin <= 2.2.8 - Sensitive Information Disclosure via REST API vulnerability
2022-07-19 00:00:00
wpvulndb
wpvulndb
Easy Student Results <= 2.2.8 - Sensitive Information Disclosure via REST API
2022-07-19 00:00:00
wpexploit
wpexploit
Easy Student Results <= 2.2.8 - Sensitive Information Disclosure via REST API
2022-07-19 00:00:00
nvd
nvd
CVE-2022-2379
2022-08-15 11:21:23
nuclei
nuclei
WordPress Easy Student Results <=2.2.8 - Improper Authorization
2022-11-09 14:18:37
cve
cve
CVE-2022-2379
2022-08-15 11:21:23
prion
prion
Design/Logic Flaw
2022-08-15 11:21:00

0.028 Low

EPSS

Percentile

90.8%

JSON
Related for CVELIST:CVE-2022-2379
patchstack1wpvulndb1wpexploit1nvd1nuclei1cve1prion1