Karl Emil Nikka

7 exploits Active since Jun 2023
CVE-2024-1208 NOMISEC MEDIUM WRITEUP
LearnDash LMS <4.10.2 - Info Disclosure
The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.2 via API. This makes it possible for unauthenticated attackers to obtain access to quiz questions.
3 stars
CVSS 5.3
CVE-2024-1209 NOMISEC MEDIUM WRITEUP
LearnDash LMS <4.10.1 - Info Disclosure
The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.1 via direct file access due to insufficient protection of uploaded assignments. This makes it possible for unauthenticated attackers to obtain those uploads.
2 stars
CVSS 5.3
CVE-2024-0710 NOMISEC MEDIUM WRITEUP
GP Unique ID plugin <1.5.5 - Info Disclosure
The GP Unique ID plugin for WordPress is vulnerable to Unique ID Modification in all versions up to, and including, 1.5.5. This is due to insufficient input validation. This makes it possible for unauthenticated attackers to tamper with the generation of a unique ID on a form submission and replace the generated unique ID with a user-controlled one, leading to a loss of integrity in cases where the ID's uniqueness is relied upon in a security-specific context.
1 star
CVSS 5.3
CVE-2024-8349 NOMISEC HIGH WRITEUP
Uncanny Groups for LearnDash <6.1.0.1 - Privilege Escalation
The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 6.1.0.1. This is due to the plugin not properly restricting which users a group leader can edit. This makes it possible for authenticated attackers, with group leader-level access and above, to change admin account email addresses, which can subsequently lead to admin account access.
CVSS 7.2
CVE-2023-1430 NOMISEC MEDIUM WRITEUP
FluentCRM - Marketing Automation For WordPress <2.7.40 - Info Discl...
The FluentCRM - Marketing Automation For WordPress plugin for WordPress is vulnerable to unauthorized modification of data in versions up to, and including, 2.8.01 due to the use of an MD5 hash without a salt to control subscriptions. This makes it possible for unauthenticated attackers to unsubscribe users from lists and manage subscriptions, provided they gain access to a targeted subscriber's email address.
CVSS 6.5
CVE-2024-1210 WRITEUP MEDIUM WRITEUP
LearnDash LMS <4.10.1 - Info Disclosure
The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.1 via API. This makes it possible for unauthenticated attackers to obtain access to quizzes.
CVSS 5.3
CVE-2024-8350 WRITEUP LOW WRITEUP
Uncanny Groups for LearnDash <6.1.0.1 - Privilege Escalation
The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to unauthorized addition of users to groups due to a missing capability check on the /wp-json/ulgm_management/v1/add_user/ REST API endpoint in all versions up to, and including, 6.1.0.1. This makes it possible for authenticated attackers, with group leader-level access and above, to add users to their group, which ultimately allows them to leverage CVE-2024-8349 and gain admin access to the site.
CVSS 2.7