CVE-2026-30884

mdjnelson/moodle-mod customcert is a Moodle plugin for creating dynamically generated certificates with complete customization via the web browser. Prior to versions 4.4.9 and 5.0.3, a teacher who holds mod/customcert:manage in any single course can read and silently overwrite certificate elements belonging to any other course in the Moodle installation. The core get fragment callback editelement and the mod customcert save element web service both fail to verify that the supplied elementid belongs to the authorized context, enabling cross-course information disclosure and data tampering. Versions 4.4.9 and 5.0.3 fix the issue.