daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2022-2034.yaml

patch-1
Ritik Chaddha 2022-11-30 14:20:37 +05:30 committed by GitHub
parent dfeee28760
commit f2a8f93e5f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
cves/2022/CVE-2022-2034.yaml
View File

@ -8,7 +8,9 @@ info:
The Sensei LMS WordPress plugin before 4.5.0 does not have proper permissions set in one of its REST endpoint, allowing unauthenticated users to access private messages sent to teachers
reference:
- https://wpscan.com/vulnerability/aba3dd58-7a8e-4129-add5-4dd5972c0426
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2034
- https://hackerone.com/reports/1590237
- https://wordpress.org/plugins/sensei-lms/advanced/
- https://nvd.nist.gov/vuln/detail/CVE-2022-2034
classification:
cve-id: CVE-2022-2034
tags: cve,cve2022,wordpress,wp-plugin,wp