← Back to CVE List
CVE-2022-2034
The Sensei LMS WordPress plugin before 4.5.0 does not have proper permissions set in one of its REST endpoint, allowing unauthenticated users to access private messages sent to teachers
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt