Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
WordPress Plugin LearnDash LMS Insecure Direct Object Reference - CVE-2023-3105 - Vulnerability Database
WP Plugin Sfwd Lms

WordPress Plugin LearnDash LMS Insecure Direct Object Reference - CVE-2023-3105

High
Reference: CVE-2023-3105
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2023-3105
Title: WordPress Plugin LearnDash LMS Insecure Direct Object Reference
Overview:

WordPress Plugin LearnDash LMS is prone to a insecure direct object reference (IDOR) vulnerability. Exploiting this issue may allow an attacker to reset arbitrary user passwords. WordPress Plugin LearnDash LMS version 4.6.0 is vulnerable prior versions may also be affected.