A vulnerability in the mdjnelson/moodle-mod_customcert plugin allows teachers with mod/customcert:manage permission in any course to read and overwrite certificate elements from other courses. The vulnerability affects versions prior to 4.4.9 and 5.0.3, caused by inadequate authorization checks in the core_get_fragment callback editelement and mod_customcert_save_element web service. This enables cross-course information disclosure and data tampering across the entire Moodle installation. The issue has been fixed in versions 4.4.9 and 5.0.3.