Lucene search

K
cvelistWPScanCVELIST:CVE-2022-0441
HistoryMar 07, 2022 - 8:16 a.m.

CVE-2022-0441 MasterStudy LMS < 2.7.6 - Unauthenticated Admin Account Creation

2022-03-0708:16:43
CWE-269
WPScan
www.cve.org
2

9.7 High

AI Score

Confidence

High

0.262 Low

EPSS

Percentile

96.8%

The MasterStudy LMS WordPress plugin before 2.7.6 does to validate some parameters given when registering a new account, allowing unauthenticated users to register as an admin

CNA Affected

[
  {
    "product": "MasterStudy LMS – WordPress LMS Plugin",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThan": "2.7.6",
        "status": "affected",
        "version": "2.7.6",
        "versionType": "custom"
      }
    ]
  }
]

9.7 High

AI Score

Confidence

High

0.262 Low

EPSS

Percentile

96.8%