CVE-2023-3345

LMS by Masteriyo < 1.6.8 - Information Exposure

EPSS 1.9%

The LMS by Masteriyo WordPress plugin before 1.6.8 does not have proper authorization in one some of its REST API endpoints, making it possible for any students to retrieve email addresses of other students

Produtos afetados

Unknown · LMS by Masteriyo

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://wpscan.com/vulnerability/0d07423e-98d2-43a3-824d-562747a3d65a