CVE Vulnerabilities

CVE-2024-1208

Published: Feb 05, 2024 | Modified: Feb 13, 2024
CVSS 3.x
5.3
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.2 via API. This makes it possible for unauthenticated attackers to obtain access to quiz questions.

Affected Software

Name Vendor Start Version End Version
Learndash Learndash * 4.10.3 (excluding)

References