Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-7786

The Sensei LMS WordPress plugin before 4.24.2 does not properly protect some its REST API routes, allowing unauthenticated attackers to leak email templates.

Published

2024-09-04T06:15:17.600

Last Modified

2024-10-07T17:46:08.943

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 5.3 (MEDIUM)

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	automattic	sensei_lms	< 4.24.2	Yes

References

https://wpscan.com/vulnerability/f44e6f8f-3ef2-45c9-ae9c-9403305a548a/ Exploit, Third Party Advisory ([email protected])