Security Advisory

CVE-2025-0466

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-02-04 06:00:11

Last updated 2025-08-27 12:00:27

Assigner WPScan

State PUBLISHED

Description

The Sensei LMS WordPress plugin before 4.24.4 does not properly protect some its REST API routes, allowing unauthenticated attackers to leak sensei_email and sensei_message Information.

← Browse all CVEs View on cve.org ↗