Medium severity6.5NVD Advisory· Published Jun 8, 2024· Updated Apr 15, 2026

CVE-2024-34765

Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Sensei Sensei Pro (WC Paid Courses) allows Stored XSS.This issue affects Sensei Pro (WC Paid Courses): from n/a through 4.23.1.1.23.1.

Affected products

WordPress/Woothemes Senseiinferred
Range: <=4.23.1.1.23.1
Package: https://wordpress.org/plugins/woothemes-sensei
Sensei/Sensei Prollm-create
Range: <=4.23.1.1.23.1

Patches

Vulnerability mechanics

References

patchstack.com/database/vulnerability/woothemes-sensei/wordpress-sensei-pro-wc-paid-courses-plugin-4-23-1-1-23-1-cross-site-scripting-xss-vulnerabilitynvd

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000