Vulnerability Details CVE-2022-2034
The Sensei LMS WordPress plugin before 4.5.0 does not have proper permissions set in one of its REST endpoint, allowing unauthenticated users to access private messages sent to teachers
Exploit prediction scoring system (EPSS) score
EPSS Score 0.513
EPSS Ranking 97.8%
CVSS Severity
CVSS v3 Score 5.3
References
Products affected by CVE-2022-2034
-
cpe:2.3:a:automattic:sensei_lms:-
-
cpe:2.3:a:automattic:sensei_lms:2.0.1
-
cpe:2.3:a:automattic:sensei_lms:2.1.0
-
cpe:2.3:a:automattic:sensei_lms:2.1.1
-
cpe:2.3:a:automattic:sensei_lms:2.1.2
-
cpe:2.3:a:automattic:sensei_lms:2.2.0
-
cpe:2.3:a:automattic:sensei_lms:2.2.1
-
cpe:2.3:a:automattic:sensei_lms:2.3.0
-
cpe:2.3:a:automattic:sensei_lms:2.4.0
-
cpe:2.3:a:automattic:sensei_lms:3.0.0
-
cpe:2.3:a:automattic:sensei_lms:3.0.1
-
cpe:2.3:a:automattic:sensei_lms:3.1.0
-
cpe:2.3:a:automattic:sensei_lms:3.1.1
-
cpe:2.3:a:automattic:sensei_lms:3.10.0
-
cpe:2.3:a:automattic:sensei_lms:3.11.0
-
cpe:2.3:a:automattic:sensei_lms:3.11.1
-
cpe:2.3:a:automattic:sensei_lms:3.12.0
-
cpe:2.3:a:automattic:sensei_lms:3.13.0
-
cpe:2.3:a:automattic:sensei_lms:3.13.1
-
cpe:2.3:a:automattic:sensei_lms:3.13.2
-
cpe:2.3:a:automattic:sensei_lms:3.13.3
-
cpe:2.3:a:automattic:sensei_lms:3.14.0
-
cpe:2.3:a:automattic:sensei_lms:3.15.0
-
cpe:2.3:a:automattic:sensei_lms:3.15.1
-
cpe:2.3:a:automattic:sensei_lms:3.15.2
-
cpe:2.3:a:automattic:sensei_lms:3.2.0
-
cpe:2.3:a:automattic:sensei_lms:3.3.0
-
cpe:2.3:a:automattic:sensei_lms:3.3.1
-
cpe:2.3:a:automattic:sensei_lms:3.4.0
-
cpe:2.3:a:automattic:sensei_lms:3.4.1
-
cpe:2.3:a:automattic:sensei_lms:3.5.0
-
cpe:2.3:a:automattic:sensei_lms:3.5.1
-
cpe:2.3:a:automattic:sensei_lms:3.5.2
-
cpe:2.3:a:automattic:sensei_lms:3.5.3
-
cpe:2.3:a:automattic:sensei_lms:3.6.0
-
cpe:2.3:a:automattic:sensei_lms:3.6.1
-
cpe:2.3:a:automattic:sensei_lms:3.7.0
-
cpe:2.3:a:automattic:sensei_lms:3.8.0
-
cpe:2.3:a:automattic:sensei_lms:3.8.1
-
cpe:2.3:a:automattic:sensei_lms:3.9.0
-
cpe:2.3:a:automattic:sensei_lms:3.9.1
-
cpe:2.3:a:automattic:sensei_lms:4.0.0
-
cpe:2.3:a:automattic:sensei_lms:4.0.1
-
cpe:2.3:a:automattic:sensei_lms:4.0.2
-
cpe:2.3:a:automattic:sensei_lms:4.1.0
-
cpe:2.3:a:automattic:sensei_lms:4.1.1
-
cpe:2.3:a:automattic:sensei_lms:4.2.0
-
cpe:2.3:a:automattic:sensei_lms:4.3.0
-
cpe:2.3:a:automattic:sensei_lms:4.4.0
-
cpe:2.3:a:automattic:sensei_lms:4.4.1
-
cpe:2.3:a:automattic:sensei_lms:4.4.2
-
cpe:2.3:a:automattic:sensei_lms:4.4.3