WordPress plugin MasterStudy LMS security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

MasterStudy LMS < 3.0.18 - Unauthenticated Instructor Account Creation

Description The plugin does not have proper checks in place during registration allowing anyone to register on the site as an instructor. They can then add courses and/or posts. 1. Visit the Profiles Settings page for the plugin: MS LMS LMS Settings Profiles 2. Ensure that "Disable Instructor...

WordPress MasterStudy LMS Plugin <= 2.7.9 is vulnerable to Cross Site Scripting (XSS)

Software MasterStudy LMS Type Plugin Vulnerable versions = 2.7.9 Fixed in 2.8.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 876c95417bf3 Credits Rafie Muhammad Patchstack Required...

CVE-2023-35093

Broken Access Control vulnerability in StylemixThemes MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin = 3.0.8 versions allows any logged-in users, such as subscribers to view the "Orders" of the plugin and get the data related to the order like email, username, and more...

CVE-2023-35093

Broken Access Control vulnerability in StylemixThemes MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin = 3.0.8 versions allows any logged-in users, such as subscribers to view the "Orders" of the plugin and get the data related to the order like email, username, and more...

CVE-2023-35090

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in StylemixThemes MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin = 3.0.7 versions...

Cross site scripting

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in StylemixThemes MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin = 3.0.7 versions...

CVE-2023-35093 WordPress MasterStudy LMS Plugin <= 3.0.8 is vulnerable to Broken Access Control

Broken Access Control vulnerability in StylemixThemes MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin = 3.0.8 versions allows any logged-in users, such as subscribers to view the "Orders" of the plugin and get the data related to the order like email, username, and more...

CVE-2023-35093 WordPress MasterStudy LMS Plugin <= 3.0.8 is vulnerable to Broken Access Control

Broken Access Control vulnerability in StylemixThemes MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin = 3.0.8 versions allows any logged-in users, such as subscribers to view the "Orders" of the plugin and get the data related to the order like email, username, and more...

CVE-2023-35093

CVE-2023-35093 affects StylemixThemes MasterStudy LMS WordPress Plugin (

CVE-2023-35090 WordPress MasterStudy LMS Plugin <= 3.0.8 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in StylemixThemes MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin = 3.0.7 versions...

WordPress Plugin MasterStudy LMS 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Plugin StylemixThemes MasterStudy LMS WordPress 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin StylemixThemes...

PT-2023-25139 · Stylemixthemes · Stylemixthemes Masterstudy Lms Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: StylemixThemes MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin versions prior to 3.0.8 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability. It affects users with contributor or highe...

WordPress MasterStudy LMS Plugin <= 3.0.8 is vulnerable to Cross Site Scripting (XSS)

Software MasterStudy LMS Type Plugin Vulnerable versions = 3.0.8 Fixed in 3.0.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-35090 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 10f578002fee Credits Rafshanzani Suhada...

WordPress MasterStudy LMS Plugin <= 3.0.8 is vulnerable to Broken Access Control

Software MasterStudy LMS Type Plugin Vulnerable versions = 3.0.8 Fixed in 3.0.9 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-35093 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID fe9a14774ad1 Credits Rafshanzani Suhada...

Exploit for Improper Privilege Management in Stylemixthemes Masterstudy_Lms

!imagehttps://github.com/tegal1337/CVE-2022-0441/assets/31664...

WordPress MasterStudy LMS Plugin <= 2.9.34 is vulnerable to Broken Access Control

Software MasterStudy LMS Type Plugin Vulnerable versions = 2.9.34 Fixed in 2.9.35 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE N/A Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 3b63e4d1bbd6 Credits Unknown Required privilege...

WordPress MasterStudy LMS Plugin Privilege Escalation (CVE-2022-0441)

A privilege escalation exists in WordPress MasterStudy LMS plugin. Successful exploitation of this vulnerability would allow a remote attacker to gain unauthorized access to the affected system...

CVE-2022-0441

The MasterStudy LMS WordPress plugin before 2.7.6 does to validate some parameters given when registering a new account, allowing unauthenticated users to register as an admin...