Vulnerabilities

CVE-2024-1208

by Fred · 05/02/2024

The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.2 via API. This makes it possible for unauthenticated attackers to obtain access to quiz questions.

More information : https://github.com/karlemilnikka/CVE-2024-1208-and-CVE-2024-1210

Attack vector : NETWORK
Attack complexity : LOW
Privileges required : NONE
User interaction : NONE
Confidentiality impact : LOW
Integrity impact : NONE
Base score : 5.3
Base severity : MEDIUM
Exploitability score : 3.9
Impact score : 1.4

Similar

Tags: Cybersecurity Alert