Sensei LMS – Online Courses, Quizzes, & Learning, CVE-2022-2034
- CVE, Research URL
- Published on
- Aug 29, 2022
- Research Description
- The Sensei LMS WordPress plugin before 4.5.0 does not have proper permissions set in one of its REST endpoint, allowing unauthenticated users to access private messages sent to teachers
- Affected versions
-
Min -, max 4.5.0.
- Status
-
vulnerable