5 matches found
CVE-2023-3345
The LMS by Masteriyo WordPress plugin before 1.6.8 does not have proper authorization in one some of its REST API endpoints, making it possible for any students to retrieve email addresses of other students...
CVE-2023-3345
The LMS by Masteriyo WordPress plugin before 1.6.8 does not have proper authorization in one some of its REST API endpoints, making it possible for any students to retrieve email addresses of other students...
CVE-2023-3345
CVE-2023-3345 affects the LMS by Masteriyo WordPress plugin prior to 1.6.8. The plugin’s REST API endpoints lack proper authorization, enabling any student to retrieve other students’ email addresses (information disclosure). Root cause per connected details: insufficient access checks on REST ro...
CVE-2023-3345 LMS by Masteriyo < 1.6.8 - Information Exposure
The LMS by Masteriyo WordPress plugin before 1.6.8 does not have proper authorization in one some of its REST API endpoints, making it possible for any students to retrieve email addresses of other students...
CVE-2023-3345 LMS by Masteriyo < 1.6.8 - Information Exposure
The LMS by Masteriyo WordPress plugin before 1.6.8 does not have proper authorization in one some of its REST API endpoints, making it possible for any students to retrieve email addresses of other students...