Lucene search
K

4 matches found

Nuclei
Nuclei
added yesterday125 views

LearnDash LMS < 4.10.2 - Sensitive Information Exposure via assignments

The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.1 via direct file access due to insufficient protection of uploaded assignments. This makes it possible for unauthenticated attackers to obtain those uploads. id:...

5.3CVSS6.7AI score0.02419EPSS
Exploits1References5
NVD
NVD
added 2024/02/05 10:16 p.m.29 views

CVE-2024-1209

The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.1 via direct file access due to insufficient protection of uploaded assignments. This makes it possible for unauthenticated attackers to obtain those uploads...

5.3CVSS5.1AI score0.02419EPSS
Exploits1References3
CVE
CVE
added 2024/02/05 9:21 p.m.84 views

CVE-2024-1209

CVE-2024-1209 affects LearnDash LMS for WordPress. Affected versions are all releases up to and including 4.10.1, where direct file access and insufficient protection of uploaded assignments allow unauthenticated access to sensitive uploads, constituting Sensitive Information Exposure. The issue ...

5.3CVSS6.1AI score0.02419EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2024/02/05 12:0 a.m.9 views

WordPress LearnDash LMS Plugin <= 4.10.1 is vulnerable to Sensitive Data Exposure

Software LearnDash LMS Type Plugin Vulnerable versions = 4.10.1 Fixed in 4.10.2 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-1209 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID b49f2746f70f Credits Karl Emil Nikka Required...

5.3CVSS6.5AI score0.02419EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder