5 matches found
CVE-2024-0377
The LifterLMS – WordPress LMS Plugin for eLearning plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'processreview' function in all versions up to, and including, 7.5.1. This makes it possible for unauthenticated attackers to publish...
CVE-2024-0377 LifterLMS – WordPress LMS Plugin for eLearning <= 7.5.1 - Missing Authorization via process_review
The LifterLMS – WordPress LMS Plugin for eLearning plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'processreview' function in all versions up to, and including, 7.5.1. This makes it possible for unauthenticated attackers to publish...
CVE-2024-0377 LifterLMS – WordPress LMS Plugin for eLearning <= 7.5.1 - Missing Authorization via process_review
The LifterLMS – WordPress LMS Plugin for eLearning plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'processreview' function in all versions up to, and including, 7.5.1. This makes it possible for unauthenticated attackers to publish...
CVE-2024-0377
The CVE concerns LifterLMS – WordPress LMS Plugin for eLearning (versions
WordPress LifterLMS Plugin <= 7.5.1 is vulnerable to Broken Access Control
Software LifterLMS Type Plugin Vulnerable versions = 7.5.1 Fixed in 7.5.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-0377 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 017a17d1f987 Credits Francesco Carlucci Required privileg...