Vulnerabilities > Automattic > Sensei LMS > 4.6.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-04 | CVE-2024-7786 | Unspecified vulnerability in Automattic Sensei LMS The Sensei LMS WordPress plugin before 4.24.2 does not properly protect some its REST API routes, allowing unauthenticated attackers to leak email templates. | 5.3 |
| 2024-02-12 | CVE-2023-50875 | Cross-site Scripting vulnerability in Automattic Sensei LMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic Sensei LMS – Online Courses, Quizzes, & Learning allows Stored XSS.This issue affects Sensei LMS – Online Courses, Quizzes, & Learning: from n/a through 4.17.0. | 5.4 |