Description
Separate Groups mode restrictions were not factored into permission checks before allowing viewing or deletion of responses in Feedback activities.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Import Export Lite Security Bypass (3.9.4)
Oracle JRE CVE-2013-2473 Vulnerability (CVE-2013-2473)
WordPress Plugin WP Dev Powers:ACF Color Coded Field Types Security Bypass (1.0)
WordPress Plugin Party Hall Booking Manager SQL Injection (1.1)
Moodle Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2025-62399)