cve/CVE-2022-2034.md at 0a6a8ff98932ea5803a682e12b920b88c786f419

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-05 18:27:17 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

843 B

Raw Blame History

CVE-2022-2034

Description

The Sensei LMS WordPress plugin before 4.5.0 does not have proper permissions set in one of its REST endpoint, allowing unauthenticated users to access private messages sent to teachers

POC

Reference

https://wpscan.com/vulnerability/aba3dd58-7a8e-4129-add5-4dd5972c0426

Github

https://github.com/ARPSyndicate/kenzer-templates
https://github.com/soxoj/information-disclosure-writeups-and-pocs

843 B Raw Blame History

CVE-2022-2034

Description

POC

Reference

Github

843 B

Raw Blame History