3 matches found
CVE-2024-39642
Authorization Bypass Through User-Controlled Key vulnerability in ThimPress LearnPress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects LearnPress: from n/a through 4.2.6.8.2...
CVE-2024-39642
creationtimestamp| type| source ---|---|--- 2024-08-13 13:45:57+00:00| seen| https://t.me/cvedetector/2996...
CVE-2024-39642
CVE-2024-39642 is an Insecure Direct Object References (IDOR) vulnerability in the LearnPress WordPress LMS plugin (versions up to 4.2.6.8.2). The root cause is an Authorization Bypass where a user-controlled key allows accessing functionality not properly constrained by ACLs. Public disclosures ...