Sensei LMS < 4.5.2 - Arbitrary Private Message Sending via IDOR
CVE-2022-2080

4.3MEDIUM

Key Information:

Vendor: Wordpress
Status: Sensei Lms – Online Courses, Quizzes, & Learning
Vendor: CVE Published:; 29 August 2022

Summary

The Sensei LMS WordPress plugin before 4.5.2 does not ensure that the sender of a private message is either the teacher or the original sender, allowing any authenticated user to send messages to arbitrary private conversation via a IDOR attack. Note: Attackers are not able to see responses/messages between the teacher and student

Affected Version(s)

Sensei LMS – Online Courses, Quizzes, & Learning 4.5.2

References

https://wpscan.com/vulnerability/5395d196-a39a-4a58-913e-...

x_refsource_MISC

https://hackerone.com/reports/1592596

x_refsource_MISC

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 29, 2022
Vulnerability Reserved
Jun 14, 2022

Credit

Veshraj Ghimire