4.3

CVE-2022-2080

Exploit

Sensei LMS < 4.5.2 - Arbitrary Private Message Sending via IDOR

Sensei LMS <= 4.5.1 - Missing Authorization

The Sensei LMS WordPress plugin before 4.5.2 does not ensure that the sender of a private message is either the teacher or the original sender, allowing any authenticated user to send messages to arbitrary private conversation via a IDOR attack. Note: Attackers are not able to see responses/messages between the teacher and student
Mögliche Gegenmaßnahme
Sensei LMS – Online Courses, Quizzes, & Learning: Update to version 4.5.2, or a newer patched version
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AutomatticSensei Lms SwPlatformwordpress Version < 4.5.2
Weitere Schwachstelleninformationen
SystemWordPress Plugin
Produkt Sensei LMS – Online Courses, Quizzes, & Learning
Version *-4.5.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.65% 0.463
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 2.8 1.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
CWE-639 Authorization Bypass Through User-Controlled Key

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

https://hackerone.com/reports/1592596
Third Party Advisory
Exploit
https://wpscan.com/vulnerability/5395d196-a39a-4a58-913e-5b5b9d6123a5
Third Party Advisory
https://www.wordfence.com/threat-intel/vulnerabilities/id/c1520cce-4ed7-4815-9023-4a994200601a
Third Party Advisory