AI Score
Confidence
High
EPSS
Percentile
22.2%
SSVC
Exploitation
poc
Automatable
yes
Technical Impact
partial
The Sensei LMS WordPress plugin before 4.24.2 does not properly protect some its REST API routes, allowing unauthenticated attackers to leak email templates.
[
{
"cpes": [
"cpe:2.3:a:automattic:sensei_lms:*:*:*:*:*:*:*:*"
],
"vendor": "automattic",
"product": "sensei_lms",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "4.24.2",
"versionType": "semver"
}
],
"defaultStatus": "unknown"
}
]