CVE-2023-35090 WordPress MasterStudy LMS Plugin <= 3.0.8 is vulnerable to Cross Site Scripting (XSS)

🗓️ 22 Jun 2023 10:33:16Reported by PatchstackType

WordPress MasterStudy LMS Plugin vulnerable to Cross Site Scripting (XSS) Auth

Reporter	Title	Published	Views	Family All 11
CNNVD	WordPress Plugin MasterStudy LMS 跨站脚本漏洞	22 Jun 202300:00	–	cnnvd
CVE	CVE-2023-35090	22 Jun 202310:33	–	cve
EUVD	EUVD-2023-39124	3 Oct 202520:07	–	euvd
NVD	CVE-2023-35090	22 Jun 202311:15	–	nvd
OSV	CVE-2023-35090	22 Jun 202311:15	–	osv
Patchstack	WordPress MasterStudy LMS Plugin <= 3.0.8 is vulnerable to Cross Site Scripting (XSS)	15 Jun 202300:00	–	patchstack
Prion	Cross site scripting	22 Jun 202311:15	–	prion
Positive Technologies	PT-2023-25139 · Stylemixthemes · Stylemixthemes Masterstudy Lms Wordpress Plugin	22 Jun 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-35090	23 May 202504:36	–	redhatcve
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (June 12, 2023 to June 18, 2023)	22 Jun 202313:11	–	wordfence

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "masterstudy-lms-learning-management-system",
    "product": "MasterStudy LMS WordPress Plugin – for Online Courses and Education",
    "vendor": "StylemixThemes",
    "versions": [
      {
        "lessThanOrEqual": "3.0.7",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/vulnerability/masterstudy-lms-learning-management-system/wordpress-masterstudy-lms-plugin-3-0-7-cross-site-scripting-xss-vulnerability

28 Apr 2026 16:08Current

6Medium risk

Vulners AI Score6

CVSS 3.16.5

EPSS0.00323

CWE-79