PT-2022-13186 · WordPress · Masterstudy Lms

Name of the Vulnerable Software and Affected Versions: MasterStudy LMS WordPress plugin versions prior to 2.7.6 Description: The issue allows unauthenticated users to register as an admin due to the lack of validation for some parameters given when registering a new account. Recommendations: For...

WordPress MasterStudy LMS plugin < 2.8.0 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress MasterStudy LMS plugin versions 2.8.0. Solution Update the WordPress MasterStudy LMS plugin to the latest available version at least 2.8.0...

WordPress MasterStudy LMS plugin < 2.8.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress MasterStudy LMS plugin versions 2.8.0. Solution Update the WordPress MasterStudy LMS plugin to the latest available version at least 2.8.0...

WordPress plugin MasterStudy LMS 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

WordPress MasterStudy LMS 2.7.5 Plugin - Unauthenticated Admin Account Creation Vulnerability

Title: WordPress Plugin MasterStudy LMS 2.7.5 - Unauthenticated Admin Account Creation Author: Numan Türle CVE: CVE-2022-0441 Software Link: https://wordpress.org/plugins/masterstudy-lms-learning-management-system/ Version: 2.7.6 https://www.youtube.com/watch?v=SIO6CHXMZk...

WordPress MasterStudy LMS 2.7.5 Account Creation

Title: WordPress Plugin MasterStudy LMS 2.7.5 - Unauthenticated Admin Account Creation Date: 16.02.2022 Author: Numan Türle CVE: CVE-2022-0441 Software Link: https://wordpress.org/plugins/masterstudy-lms-learning-management-system/ Version: 2.7.6 https://www.youtube.com/watch?v=SIO6CHXMZk...

WordPress Plugin MasterStudy LMS 2.7.5 - Unauthenticated Admin Account Creation

Title: WordPress Plugin MasterStudy LMS 2.7.5 - Unauthenticated Admin Account Creation Date: 16.02.2022 Author: Numan Türle CVE: CVE-2022-0441 Software Link: https://wordpress.org/plugins/masterstudy-lms-learning-management-system/ Version: 2.7.6 https://www.youtube.com/watch?v=SIO6CHXMZk...

MasterStudy LMS < 2.7.6 - Unauthenticated Admin Account Creation

The plugin does to validate some parameters given when registering a new account, allowing unauthenticated users to register as an admin The nonce value of the stmlmsregister request must be retrieved from the ajax page. for this you should check the home page POST...

MasterStudy LMS < 2.7.6 - Unauthenticated Admin Account Creation

The plugin does to validate some parameters given when registering a new account, allowing unauthenticated users to register as an admin PoC The nonce value of the stmlmsregister request must be retrieved from the ajax page. for this you should check the home page POST...

VulnCheck KEV: CVE-2022-0441

The MasterStudy LMS WordPress plugin before 2.7.6 does to validate some parameters given when registering a new account, allowing unauthenticated users to register as an admin...

WordPress MasterStudy LMS plugin <= 2.7.5 - Unauthenticated Admin Account Creation vulnerability

Unauthenticated Admin Account Creation vulnerability discovered by Numan Türle in WordPress MasterStudy LMS plugin versions = 2.7.5. Solution Update the WordPress MasterStudy LMS plugin to the latest available version at least 2.7.6...