karlemilnikka/CVE-2024-1208-and-CVE-2024-1210

karlemilnikka/CVE-2024-1208-and-CVE-2024-1210

Releases0

Stars3

Sensitive Information Exposure via API in LearnDash.

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-1210 ↗	Feb 5, 2024Monday, 5 February 2024, 22:16	5.3 MEDIUM	—
The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.1 via API. This makes it possible for unauthenticated attackers to obtain access to quizzes.
CVE-2024-1208 ↗	Feb 5, 2024Monday, 5 February 2024, 22:16	5.3 MEDIUM	—
The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.2 via API. This makes it possible for unauthenticated attackers to obtain access to quiz questions.