CVE-2025-0466 | Sensei LMS Plugin up to 4.24.3 on WordPress REST API sensei_email/sensei_message information disclosure

Inserito da Angelo Barbosa | Feb 4, 2025 | CVE

A vulnerability has been found in Sensei LMS Plugin up to 4.24.3 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality of the component REST API. The manipulation of the argument sensei_email/sensei_message leads to information disclosure.

This vulnerability is known as CVE-2025-0466. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-0466 | Sensei LMS Plugin up to 4.24.3 on WordPress REST API sensei_email/sensei_message information disclosure

Post correlati

CVE-2024-20076 | MediaTek MT8788 Modem memory corruption (MSV-1481 / MOLY01297806)

CVE-2021-47204 | Linux Kernel up to 5.4.161/5.10.81/5.15.4 dpaa2-eth free_netdev use after free

CVE-2024-13873 | wpjobportal WP Job Portal Plugin up to 2.2.8 on WordPress deleteUserPhoto authorization

CVE-2022-49258 | Linux Kernel up to 5.10.109/5.15.32/5.16.18/5.17.1 cc_cipher_exit kfree_sensitive(ctx_p->user.key) use after free