Unknown Sensei Lms vulnerabilities
4 known vulnerabilities affecting unknown/sensei_lms.
Total CVEs
4
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM4
Vulnerabilities
Page 1 of 1
CVE-2024-8009MEDIUMCVSS 4.3fixed in 4.20.02025-05-15
CVE-2024-8009 [MEDIUM] CWE-863 CVE-2024-8009: The Sensei LMS WordPress plugin before 4.20.0 disclose all users of the blog including their email
The Sensei LMS WordPress plugin before 4.20.0 disclose all users of the blog including their email address to teachers on the students page
cvelistv5nvd
CVE-2025-0466MEDIUMCVSS 5.3fixed in 4.24.42025-02-04
CVE-2025-0466 [MEDIUM] CWE-862 CVE-2025-0466: The Sensei LMS WordPress plugin before 4.24.4 does not properly protect some its REST API routes, al
The Sensei LMS WordPress plugin before 4.24.4 does not properly protect some its REST API routes, allowing unauthenticated attackers to leak sensei_email and sensei_message Information.
cvelistv5nvd
CVE-2024-7786MEDIUMCVSS 5.3PoCfixed in 4.24.22024-09-04
CVE-2024-7786 [MEDIUM] CWE-862 CVE-2024-7786: The Sensei LMS WordPress plugin before 4.24.2 does not properly protect some its REST API routes, a
The Sensei LMS WordPress plugin before 4.24.2 does not properly protect some its REST API routes, allowing unauthenticated attackers to leak email templates.
cvelistv5nvd
CVE-2022-2034MEDIUMCVSS 5.3PoCfixed in 4.5.02022-08-29
CVE-2022-2034 [MEDIUM] CWE-639 CVE-2022-2034: The Sensei LMS WordPress plugin before 4.5.0 does not have proper permissions set in one of its REST
The Sensei LMS WordPress plugin before 4.5.0 does not have proper permissions set in one of its REST endpoint, allowing unauthenticated users to access private messages sent to teachers
cvelistv5nvd