3 matches found
CVE-2024-12596
creationtimestamp| type| source ---|---|--- 2024-12-18 03:48:45+00:00| seen| https://infosec.exchange/users/cve/statuses/113671780756043850 2024-12-18 06:09:49+00:00| seen| https://t.me/cvedetector/13151...
CVE-2024-12596 LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes <= 7.8.5 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion
The LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes plugin for WordPress is vulnerable to arbitrary post deletion due to a missing capability check on the 'llmsdeletecert' action in all versions up to, and including, 7.8.5. This makes it possible for authenticated attackers, with...
CVE-2024-12596 LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes <= 7.8.5 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion
The LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes plugin for WordPress is vulnerable to arbitrary post deletion due to a missing capability check on the 'llmsdeletecert' action in all versions up to, and including, 7.8.5. This makes it possible for authenticated attackers, with...