Description
Separate Groups mode restrictions were not honored in the H5P attempts report, which would display users from other groups. By default this only provided additional access to non-editing teachers.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Mobile Menu-The Mobile-Friendly Responsive Menu Security Bypass (2.7.2)
WordPress Plugin BuddyPress Members Only Cross-Site Scripting (1.8.3)
WordPress Plugin Under Construction, Coming Soon & Maintenance Mode Multiple Vulnerabilities (1.1.1)