CVE-2021-24562

CVE-2021-24562: LifterLMS < 4.21.2 - Access Other Student Grades/Answers via IDOR

Vendor Unknown
Product LMS by LifterLMS – Online Course, Membership & Learning Management System Plugin for WordPress
Weakness CWE-639 · IDOR
Published August 23, 2021
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

The LMS by LifterLMS – Online Course, Membership & Learning Management System Plugin for WordPress plugin before 4.21.2 was affected by an IDOR issue, allowing students to see other student answers and grades

Key dates

02Disclosure timeline

August 23, 2021 CVE published
August 3, 2024 Record updated