WordPress Plugin Vulnerabilities

Sensei LMS < 4.5.0 - Unauthenticated Private Messages Disclosure via Rest API

Description

The plugin does not have proper permissions set in one of its REST endpoint, allowing unauthenticated users to access private messages sent to teachers

Proof of Concept

https://example.com/wp-json/wp/v2/sensei-messages/<numericID>

Affects Plugins

Fixed in 4.5.0

References

Classification

Type
IDOR
CWE

Miscellaneous

Original Researcher
Veshraj Ghimire
Submitter
Veshraj Ghimire
Submitter website
Submitter twitter
Verified
Yes

Timeline

Publicly Published
2022-08-04 (about 1 years ago)
Added
2022-08-04 (about 1 years ago)
Last Updated
2023-07-04 (about 4 months ago)

Other