The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.1 via API. This makes it possible for unauthenticated attackers to obtain access to quizzes.
History

Tue, 17 Jun 2025 22:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2024-02-05T21:21:45.748Z

Updated: 2025-06-17T21:29:25.683Z

Reserved: 2024-02-02T17:16:46.186Z

Link: CVE-2024-1210

cve-icon Vulnrichment

Updated: 2024-08-01T18:33:24.861Z

cve-icon NVD

Status : Modified

Published: 2024-02-05T22:16:08.310

Modified: 2024-11-21T08:50:02.867

Link: CVE-2024-1210

cve-icon Redhat

No data.