0.005 Low
EPSS
Percentile
76.6%
The Sensei LMS WordPress plugin before 4.5.0 does not have proper permissions set in one of its REST endpoint, allowing unauthenticated users to access private messages sent to teachers
hackerone.com/reports/1590237
wpscan.com/vulnerability/aba3dd58-7a8e-4129-add5-4dd5972c0426