CVE-2023-3345

LMS by Masteriyo < 1.6.8 - Information Exposure

EPSS 1.9%

The LMS by Masteriyo WordPress plugin before 1.6.8 does not have proper authorization in one some of its REST API endpoints, making it possible for any students to retrieve email addresses of other students

Productos afectados

Unknown · LMS by Masteriyo

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://wpscan.com/vulnerability/0d07423e-98d2-43a3-824d-562747a3d65a