Lucene search
K

398 matches found

Nuclei
Nuclei
added 2 days ago140 views

MasterStudy LMS <2.7.6 - Improper Access Control

WordPress MasterStudy LMS plugin before 2.7.6 is susceptible to improper access control. The plugin does not validate some parameters given when registering a new account, which can allow an attacker to register as an admin, thus potentially being able to obtain sensitive information, modify data...

9.8CVSS7.1AI score0.84943EPSS
Exploits8References5
Nuclei
Nuclei
added 2 days ago163 views

MasterStudy LMS WordPress Plugin <= 3.2.5 - SQL Injection

The MasterStudy LMS WordPress Plugin for Online Courses and Education plugin for WordPress is vulnerable to union based SQL Injection via the 'user' parameter of the /lms/stm-lms/order/items REST route in all versions up to, and including, 3.2.5 due to insufficient escaping on the user supplied...

9.8CVSS7AI score0.77729EPSS
Exploits1References4
NVD
NVD
added 2026/06/29 3:16 p.m.9 views

CVE-2026-57330

Subscriber Cross Site Scripting XSS in MasterStudy LMS = 3.7.27 versions...

6.5CVSS0.00171EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/29 1:36 p.m.9 views

EUVD-2026-40101

Subscriber Cross Site Scripting XSS in MasterStudy LMS = 3.7.27 versions...

6.5CVSS5.8AI score0.00171EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/29 1:36 p.m.35 views

CVE-2026-57330 WordPress MasterStudy LMS plugin <= 3.7.27 - Cross Site Scripting (XSS) vulnerability

Subscriber Cross Site Scripting XSS in MasterStudy LMS = 3.7.27 versions...

6.5CVSS0.00171EPSS
Exploits0References1
CVE
CVE
added 2026/06/29 1:36 p.m.17 views

CVE-2026-57330

The CVE-2026-57330 entry describes a Cross-Site Scripting (XSS) vulnerability in the WordPress MasterStudy LMS plugin, affecting versions

6.5CVSS5.8AI score0.00171EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 3:16 p.m.7 views

CVE-2026-57640

Subscriber Broken Access Control in MasterStudy LMS = 3.7.30 versions...

4.3CVSS0.00243EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:53 p.m.32 views

CVE-2026-57640 WordPress MasterStudy LMS plugin <= 3.7.30 - Broken Access Control vulnerability

Subscriber Broken Access Control in MasterStudy LMS = 3.7.30 versions...

4.3CVSS0.00243EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:53 p.m.6 views

EUVD-2026-39755

Subscriber Broken Access Control in MasterStudy LMS = 3.7.30 versions...

4.3CVSS5.8AI score0.00243EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 2:53 p.m.5 views

CVE-2026-57640

Subscriber Broken Access Control in MasterStudy LMS = 3.7.30 versions...

4.3CVSS5.8AI score0.00243EPSS
Exploits0References2
CVE
CVE
added 2026/06/26 2:53 p.m.12 views

CVE-2026-57640

CVE-2026-57640 : A Broken Access Control vulnerability affects the WordPress plugin MasterStudy LMS up to version 3.7.30 . The issue is documented with a CVSS 3.1 base score of 4.3 (Medium) and describes restricted access conditions that could permit unauthorized exposure of resources. The availa...

4.3CVSS5.8AI score0.00243EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/26 12:30 p.m.5 views

WordPress MasterStudy LMS plugin <= 3.7.30 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by lagi bljr in WordPress Plugin MasterStudy LMS versions = 3.7.30...

4.3CVSS5.8AI score0.00243EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2026/06/15 9:30 p.m.12 views

EUVD-2026-36976

Subscriber SQL Injection in MasterStudy LMS = 3.7.25 versions...

8.5CVSS5.7AI score0.00332EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 9:16 p.m.10 views

CVE-2026-40766

Subscriber SQL Injection in MasterStudy LMS = 3.7.25 versions...

8.5CVSS0.00332EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:18 p.m.28 views

CVE-2026-40766 WordPress MasterStudy LMS plugin <= 3.7.25 - SQL Injection vulnerability

Subscriber SQL Injection in MasterStudy LMS = 3.7.25 versions...

8.5CVSS0.00332EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:18 p.m.19 views

CVE-2026-40766

CVE-2026-40766 concerns the WordPress MasterStudy LMS plugin (versions

8.5CVSS5.7AI score0.00332EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 2:16 p.m.14 views

CVE-2025-64215

Missing Authorization vulnerability in StylemixThemes MasterStudy LMS Pro allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects MasterStudy LMS Pro: from n/a before 4.7.16...

6.5CVSS0.00196EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/15 1:3 p.m.9 views

CVE-2025-64215 WordPress MasterStudy LMS Pro plugin < 4.7.16 - Broken Access Control vulnerability

Missing Authorization vulnerability in StylemixThemes MasterStudy LMS Pro allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects MasterStudy LMS Pro: from n/a before 4.7.16...

6.5CVSS5.2AI score0.00196EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 1:3 p.m.10 views

EUVD-2025-210138

Missing Authorization vulnerability in StylemixThemes MasterStudy LMS Pro allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects MasterStudy LMS Pro: from n/a before 4.7.16...

6.5CVSS5.2AI score0.00196EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 1:3 p.m.39 views

CVE-2025-64215 WordPress MasterStudy LMS Pro plugin < 4.7.16 - Broken Access Control vulnerability

Missing Authorization vulnerability in StylemixThemes MasterStudy LMS Pro allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects MasterStudy LMS Pro: from n/a before 4.7.16...

6.5CVSS0.00196EPSS
Exploits0References1
Rows per page
Query Builder