WordPress plugin MasterStudy LMS WordPress Plugin – for Online Courses and Education 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added to a...

CVE-2025-13766 MasterStudy LMS WordPress Plugin – for Online Courses and Education <= 3.7.6 Missing Authorization to Authenticated (Subscriber+) Posts and Media Creation, Modification and Deletion

The MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin for WordPress is vulnerable to unauthorized modification and deletion of data due to a missing capability checks on multiple REST API endpoints in all versions up to, and including, 3.7.6. This makes it possible for...

EUVD-2024-27070

Malicious code in bioql PyPI...

EUVD-2024-17626

Malicious code in bioql PyPI...

EUVD-2024-32509

Malicious code in bioql PyPI...

CVE-2024-5973

The MasterStudy LMS WordPress Plugin WordPress plugin before 3.3.24 does not prevent students from creating instructor accounts, which could be used to get access to functionalities they shouldn't have...

CVE-2024-2411

The MasterStudy LMS plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.3.0 via the 'modal' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code i...

WordPress MasterStudy LMS Plugin <= 3.2.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software MasterStudy LMS Type Plugin Vulnerable versions = 3.2.1 Fixed in 3.2.2 OWASP Top 10 A5: Security Misconfiguration Classification Cross Site Request Forgery CSRF CVE CVE-2024-37093 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID baf1167c8e0f Credits Majed Refaea...

PT-2023-28583 · WordPress · Masterstudy Lms Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: MasterStudy LMS WordPress Plugin versions prior to 3.0.18 Description: The issue allows anyone to register on the site as an instructor due to improper checks during registration. This enables them to add courses and/or posts. Recommendations...

CVE-2023-35093

Broken Access Control vulnerability in StylemixThemes MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin = 3.0.8 versions allows any logged-in users, such as subscribers to view the "Orders" of the plugin and get the data related to the order like email, username, and more...

CVE-2023-35093 WordPress MasterStudy LMS Plugin <= 3.0.8 is vulnerable to Broken Access Control

Broken Access Control vulnerability in StylemixThemes MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin = 3.0.8 versions allows any logged-in users, such as subscribers to view the "Orders" of the plugin and get the data related to the order like email, username, and more...

Exploit for Improper Privilege Management in Stylemixthemes Masterstudy_Lms

!imagehttps://github.com/tegal1337/CVE-2022-0441/assets/31664...