CVE-2025-31338 | THREATINT

Description

A missing authorization vulnerability in the retrieve teacher Information function of Wisdom Master Pro versions 5.0 through 5.2 allows remote attackers to obtain partial user data by accessing the API functionality.

PUBLISHED Reserved 2025-03-28 | Published 2025-04-17 | Updated 2025-04-17 | Assigner ZUSO ART

MEDIUM: 6.9CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-862 Missing Authorization

Product status

Default status

affected

5.0 (custom)

affected

References

zuso.ai/advisory/za-2025-01 third-party-advisory

cve.org (CVE-2025-31338)

nvd.nist.gov (CVE-2025-31338)

Download JSON