2 matches found
CVE-2024-7786 Sensei LMS < 4.24.2 - Unauthenticated Email Template Leak
The Sensei LMS WordPress plugin before 4.24.2 does not properly protect some its REST API routes, allowing unauthenticated attackers to leak email templates...
WordPress Sensei LMS Plugin < 4.24.2 is vulnerable to Broken Access Control
Software Sensei LMS Type Plugin Vulnerable versions 4.24.2 Fixed in 4.24.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-7786 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 686c44dacca6 Credits Sushmita Poudel Required privilege...