Sensei LMS < 4.24.4 - Unauthenticated sensei_email/sensei_message Disclosure
Description
The Sensei LMS WordPress plugin before 4.24.4 does not properly protect some of its REST API routes, allowing unauthenticated attackers to leak sensei_email and sensei_message information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
Range: < 4.24.4
Patches
Vulnerability mechanics
Root cause
"The plugin does not properly protect some of its REST API routes, allowing unauthenticated access to sensitive information."
Attack vector
An unauthenticated attacker can exploit this vulnerability by sending a crafted request to specific REST API endpoints. The request does not require any authentication, allowing any user to trigger the vulnerability. This leads to the disclosure of sensitive information such as `sensei_email` and `sensei_message` [ref_id=1].
Affected code
The vulnerability lies within the REST API routes of the Sensei LMS plugin that are not adequately protected. Specifically, routes intended for internal use or requiring authentication are exposed, allowing unauthorized access to sensitive data [ref_id=1].
What the fix does
The patch addresses the vulnerability by implementing proper access control checks for the affected REST API routes. This ensures that only authenticated users with the necessary permissions can access the sensitive information, thereby preventing unauthorized disclosure [patch_id=1876143].
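The access-control pattern the fix describes, shown as an added illustrative example rather than Sensei LMS code: a WordPress REST route exposing a per-user message record, first with a permission callback that admits everyone, then with authentication and an object-level capability check. The route namespace, helper names and the message/email fields are hypothetical.

```php
<?php
// Added illustrative example, not Sensei LMS code. The route namespace, helper
// names and the message/email fields are hypothetical.
// Weak: '__return_true' grants every caller, authenticated or not, access to the
// message body and sender email. This is the pattern the advisory describes.
function example_register_weak_route() {
    register_rest_route( 'example/v1', '/messages/(?P<id>\d+)', array(
        'methods'             => WP_REST_Server::READABLE,
        'callback'            => 'example_get_message',
        'permission_callback' => '__return_true',
    ) );
}

// Hardened: authentication plus an object-level capability check; id is validated first.
function example_register_hardened_route() {
    register_rest_route( 'example/v1', '/messages/(?P<id>\d+)', array(
        'methods'             => WP_REST_Server::READABLE,
        'callback'            => 'example_get_message',
        'permission_callback' => 'example_can_read_message',
        'args'                => array(
            'id' => array(
                'validate_callback' => function ( $value ) { return is_numeric( $value ); },
                'sanitize_callback' => 'absint',
            ),
        ),
    ) );
}

function example_can_read_message( WP_REST_Request $request ) {
    if ( ! is_user_logged_in() ) {
        return new WP_Error( 'rest_forbidden', 'Authentication required.', array( 'status' => 401 ) );
    }
    // 'read_post' is mapped against this specific post, so a logged-in user cannot
    // enumerate other users' private messages; a missing post is denied as well.
    if ( ! current_user_can( 'read_post', (int) $request['id'] ) ) {
        return new WP_Error( 'rest_forbidden', 'You cannot view this message.', array( 'status' => 403 ) );
    }
    return true;
}

function example_get_message( WP_REST_Request $request ) {
    $post = get_post( (int) $request['id'] );
    return rest_ensure_response( array(
        'id'      => $post->ID,
        'message' => $post->post_content,
        'email'   => get_post_meta( $post->ID, '_example_sender_email', true ),
    ) );
}
add_action( 'rest_api_init', 'example_register_hardened_route' );
```

A quick audit of a plugin for this bug class is to grep its register_rest_route calls for permission_callback values of '__return_true' or missing entirely and confirm each such route returns only public data.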
Preconditions
- Authentication: The attacker does not need any authentication to exploit this vulnerability.
Reproduction
https://wpscan.com/vulnerability/53ab86dc-1195-4ba0-8eda-6a0d7b45c45f/
Generated on Jun 1, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
1. https://wpscan.com/vulnerability/53ab86dc-1195-4ba0-8eda-6a0d7b45c45f/ (tags: mitre, exploit, vdb-entry, technical-description)
News mentions
No linked articles in our index yet.