Lucene search
+L

7 matches found

Nuclei
Nuclei
added yesterday14 views

Masteriyo LMS <= 1.7.3 - Insecure Direct Object Reference

Authentication Bypass Using an Alternate Path or Channel vulnerability in Masteriyo Masteriyo - LMS. Unauth access to course progress.This issue affects Masteriyo - LMS: from n/a through 1.7.3. id: CVE-2024-33939 info: name: Masteriyo LMS = 1.7.3 - Insecure Direct Object Reference author:...

5.3CVSS6.1AI score0.00843EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/21 4:38 p.m.14 views

CVE-2024-33939

Authentication Bypass Using an Alternate Path or Channel vulnerability in masteriyo Masteriyo - LMS learning-management-system.This issue affects Masteriyo - LMS: from n/a through = 1.7.3...

5.3CVSS5.9AI score0.00843EPSS
Exploits0References1
NVD
NVD
added 2025/05/19 4:15 p.m.10 views

CVE-2024-33939

Authentication Bypass Using an Alternate Path or Channel vulnerability in masteriyo Masteriyo - LMS learning-management-system.This issue affects Masteriyo - LMS: from n/a through = 1.7.3...

5.3CVSS0.00843EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/19 3:55 p.m.15 views

CVE-2024-33939 WordPress LMS by Masteriyo plugin <= 1.7.3 - Broken Authentication vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in masteriyo Masteriyo - LMS learning-management-system.This issue affects Masteriyo - LMS: from n/a through = 1.7.3...

5.3CVSS0.00843EPSS
Exploits0References1
CVE
CVE
added 2025/05/19 3:55 p.m.53 views

CVE-2024-33939

CVE-2024-33939 relates to the WordPress plugin Masteriyo – LMS (&lt;= 1.7.3). Affected component: Masteriyo LMS REST endpoints exposing course progress data. Root cause: authentication/authorization bypass (insecure direct object reference) that allows unauthenticated users to access course progr...

5.3CVSS5.9AI score0.00843EPSS
Exploits0References1Affected Software1
Circl
Circl
added 2025/02/19 9:2 p.m.8 views

CVE-2024-33939

creationtimestamp| type| source ---|---|--- 2025-02-19 21:02:33+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3likodq7unn2q 2025-05-19 17:39:17+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/16904 2025-12-26 21:03:01+00:00| seen|...

5.3CVSS4.8AI score0.00843EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/04/30 12:0 a.m.11 views

WordPress Masteriyo - LMS Plugin <= 1.7.3 is vulnerable to Broken Authentication

Software Masteriyo - LMS Type Plugin Vulnerable versions = 1.7.3 Fixed in 1.7.4 OWASP Top 10 A4: Insecure Design Classification Broken Authentication CVE CVE-2024-33939 Patch priority Medium CVSS severity Medium 5.3 Developer Masteriyo PSID ce37ea579b31 Credits Steven Julian Required privilege...

6.6AI score0.00843EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder