PT-2022-14565 · WordPress · Sensei Lms
Name of the Vulnerable Software and Affected Versions: Sensei LMS WordPress plugin versions prior to 4.5.0 Description: The issue allows unauthenticated users to access private messages sent to teachers due to improper permissions set in one of its REST endpoints. Recommendations: For versions...