daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2022-2034.yaml

patch-1
Ritik Chaddha 2022-11-30 14:20:37 +05:30 committed by GitHub
parent dfeee28760
commit f2a8f93e5f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
cves/2022/CVE-2022-2034.yaml
View File

@ -8,7 +8,9 @@ info:
The Sensei LMS WordPress plugin before 4.5.0 does not have proper permissions set in one of its REST endpoint, allowing unauthenticated users to access private messages sent to teachers The Sensei LMS WordPress plugin before 4.5.0 does not have proper permissions set in one of its REST endpoint, allowing unauthenticated users to access private messages sent to teachers
reference: reference:
- https://wpscan.com/vulnerability/aba3dd58-7a8e-4129-add5-4dd5972c0426 - https://wpscan.com/vulnerability/aba3dd58-7a8e-4129-add5-4dd5972c0426
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2034 - https://hackerone.com/reports/1590237
- https://wordpress.org/plugins/sensei-lms/advanced/
- https://nvd.nist.gov/vuln/detail/CVE-2022-2034
classification: classification:
cve-id: CVE-2022-2034 cve-id: CVE-2022-2034
tags: cve,cve2022,wordpress,wp-plugin,wp tags: cve,cve2022,wordpress,wp-plugin,wp