Lucene search
K

4 matches found

Nuclei
Nuclei
added 16 hours ago27 views

WordPress Easy Student Results <=2.2.8 - Improper Authorization

WordPress Easy Student Results plugin through 2.2.8 is susceptible to information disclosure. The plugin lacks authorization in its REST API, which can allow an attacker to retrieve sensitive information related to courses, exams, and departments, as well as student grades and information such as...

7.5CVSS7AI score0.02801EPSS
Exploits2References5
RedhatCVE
RedhatCVE
added 2025/05/22 11:56 p.m.7 views

CVE-2022-2379

The Easy Student Results WordPress plugin through 2.2.8 lacks authorisation in its REST API, allowing unauthenticated users to retrieve information related to the courses, exams, departments as well as student's grades and PII such as email address, physical address, phone number etc...

7.5CVSS6.3AI score0.02801EPSS
Exploits2References1
Cvelist
Cvelist
added 2022/08/15 8:37 a.m.33 views

CVE-2022-2379 Easy Student Results <= 2.2.8 - Sensitive Information Disclosure via REST API

The Easy Student Results WordPress plugin through 2.2.8 lacks authorisation in its REST API, allowing unauthenticated users to retrieve information related to the courses, exams, departments as well as student's grades and PII such as email address, physical address, phone number etc...

7.5AI score0.02801EPSS
Exploits2References1
CVE
CVE
added 2022/08/15 8:37 a.m.2188 views

CVE-2022-2379

CVE-2022-2379 affects the WordPress Easy Student Results plugin (versions ≤ 2.2.8). The REST API lacks proper authorization, allowing unauthenticated users to retrieve sensitive data: courses, exams, departments, student grades, and PII (email, physical address, phone). The CVSSv3.1 base score is...

7.5CVSS7.3AI score0.02801EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder