Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2026/03/27 4:59 a.m.8 views

CVE-2026-4484

The Masteriyo LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.1.6. This is due to the plugin allowing a user to update the user role through the 'InstructorsController::prepareobjectfordatabase' function. This makes it possible for...

9.8CVSS5.8AI score0.00353EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/26 1:25 a.m.2 views

CVE-2026-4484 Masteriyo LMS <= 2.1.6 - Missing Authorization to Authenticated (Student+) Privilege Escalation to Administrator

The Masteriyo LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.1.6. This is due to the plugin allowing a user to update the user role through the 'InstructorsController::prepareobjectfordatabase' function. This makes it possible for...

9.8CVSS5.8AI score0.00353EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/26 1:25 a.m.8 views

CVE-2026-4484

The Masteriyo LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.1.6. This is due to the plugin allowing a user to update the user role through the 'InstructorsController::prepareobjectfordatabase' function. This makes it possible for...

9.8CVSS5.8AI score0.00353EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/03/26 1:25 a.m.32 views

CVE-2026-4484 Masteriyo LMS <= 2.1.6 - Missing Authorization to Authenticated (Student+) Privilege Escalation to Administrator

The Masteriyo LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.1.6. This is due to the plugin allowing a user to update the user role through the 'InstructorsController::prepareobjectfordatabase' function. This makes it possible for...

8.8CVSS0.00353EPSS
Exploits1References3
Rows per page
Query Builder