2 matches found
CVE-2024-5648 LearnDash LMS - Reports Free <= 1.8.2 - Missing Authorization to Plugin Settings Update
The LearnDash LMS – Reports plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 1.8.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to...
WordPress LearnDash LMS – Reports Plugin <= 1.8.2 is vulnerable to Broken Access Control
Software LearnDash LMS – Reports Type Plugin Vulnerable versions = 1.8.2 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-5648 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 36a198e999f6 Credits Lucio Sá Required...