CVE-2025-22740 WordPress Sensei LMS plugin <= 4.24.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Automattic Sensei LMS sensei-lms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sensei LMS: from n/a through = 4.24.4...

WordPress Sensei LMS plugin <= 4.24.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by David Ojeda Guijarro Patchstack Alliance in WordPress Plugin Sensei LMS versions = 4.24.4...

WordPress Sensei LMS plugin < 4.24.4 - Unauthenticated sensei_email/sensei_message Disclosure vulnerability

Unauthenticated senseiemail/senseimessage Disclosure vulnerability discovered by Li Xuhang in WordPress Plugin Sensei LMS versions 4.24.4...

WordPress Sensei Pro (WC Paid Courses) plugin <= 4.23.1.1.23.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Sensei Pro WC Paid Courses versions = 4.23.1.1.23.1...

WordPress Sensei Pro (WC Paid Courses) Plugin <= 4.23.1.1.23.1 is vulnerable to Cross Site Scripting (XSS)

Software Sensei Pro WC Paid Courses Type Plugin Vulnerable versions = 4.23.1.1.23.1 Fixed in 4.24.0.1.24.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34765 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID ffa624f39abc Credits Rafie...

WordPress Sensei LMS Plugin <= 4.17.0 is vulnerable to Cross Site Scripting (XSS)

Software Sensei LMS Type Plugin Vulnerable versions = 4.17.0 Fixed in 4.18.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-50875 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 28be70e5b8cd Credits Rafie Muhammad Patchstack Required...