Vulnerabilities > Uncannyowl > Uncanny Groups FOR Learndash > 5.4.0.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-25 | CVE-2024-8349 | Missing Authorization vulnerability in Uncannyowl Uncanny Groups for Learndash The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 6.1.0.1. | 7.2 |
| 2024-09-25 | CVE-2024-8350 | Missing Authorization vulnerability in Uncannyowl Uncanny Groups for Learndash The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to user group add due to a missing capability check on the /wp-json/ulgm_management/v1/add_user/ REST API endpoint in all versions up to, and including, 6.1.0.1. | 2.7 |