CVEs-PoC/2022/CVE-2022-2034.md at b0e96c877abb080d7cf221c036336480ff266ccf

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-08 22:35:37 +02:00

Files

T

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

843 B

Raw Blame History

CVE-2022-2034

Description

The Sensei LMS WordPress plugin before 4.5.0 does not have proper permissions set in one of its REST endpoint, allowing unauthenticated users to access private messages sent to teachers

POC

Reference

https://wpscan.com/vulnerability/aba3dd58-7a8e-4129-add5-4dd5972c0426

Github

https://github.com/ARPSyndicate/kenzer-templates
https://github.com/soxoj/information-disclosure-writeups-and-pocs

843 B Raw Blame History

CVE-2022-2034

Description

POC

Reference

Github

843 B

Raw Blame History