CVE-2024-8349

The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 6.1.0.1. This is due to the plugin not properly restricting what users a group leader can edit. This makes it possible for authenticated attackers, with group...

WordPress Uncanny Groups for LearnDash plugin <= 6.1.0.1 - Authenticated (Group Leader+) Privilege Escalation vulnerability

Authenticated Group Leader+ Privilege Escalation vulnerability discovered by Karl Emil Nikka in WordPress Plugin Uncanny Groups for LearnDash versions = 6.1.0.1...

WordPress plugin Uncanny Groups for LearnDash 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

WordPress plugin Uncanny Groups for LearnDash 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

PT-2024-38964 · WordPress · Uncanny Groups For Learndash

Name of the Vulnerable Software and Affected Versions: The Uncanny Groups for LearnDash plugin for WordPress versions up to, and including, 6.1.0.1 Description: The issue arises from the plugin's failure to properly restrict what users a group leader can edit. This allows authenticated attackers...

PT-2024-38965 · WordPress · Uncanny Groups For Learndash

Name of the Vulnerable Software and Affected Versions: Uncanny Groups for LearnDash plugin for WordPress versions up to, and including, 6.1.0.1 Description: The issue allows authenticated attackers with group leader-level access and above to exploit a missing capability check on the "/wp-json/ulg...