WordPress Masteriyo - LMS plugin <= 2.1.8 - Broken Authentication vulnerability

WordPress Masteriyo - LMS plugin = 2.1.8 - Broken Authentication vulnerability discovered by HieuPenguin in WordPress Plugin Masteriyo - LMS versions = 2.1.8...

WordPress Masteriyo - LMS plugin <= 2.1.5 - Payment Bypass vulnerability

WordPress Masteriyo - LMS plugin = 2.1.5 - Payment Bypass vulnerability discovered by davidfdzmorilla in WordPress Plugin Masteriyo - LMS versions = 2.1.5...

CVE-2025-64270 WordPress Masteriyo - LMS plugin <= 2.0.3 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in masteriyo Masteriyo - LMS learning-management-system allows Retrieve Embedded Sensitive Data.This issue affects Masteriyo - LMS: from n/a through = 2.0.3...

CVE-2025-64270 WordPress Masteriyo - LMS plugin <= 2.0.3 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in masteriyo Masteriyo - LMS learning-management-system allows Retrieve Embedded Sensitive Data.This issue affects Masteriyo - LMS: from n/a through = 2.0.3...

CVE-2025-54699 WordPress Masteriyo - LMS Plugin plugin <= 1.18.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in masteriyo Masteriyo - LMS learning-management-system allows Stored XSS.This issue affects Masteriyo - LMS: from n/a through = 1.18.3...

WordPress Masteriyo - LMS Plugin <= 1.13.3 is vulnerable to Cross Site Scripting (XSS)

Software Masteriyo - LMS Type Plugin Vulnerable versions = 1.13.3 Fixed in 1.13.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10000 Patch priority Low CVSS severity Low 6.5 Developer Masteriyo PSID 896bb27d11e1 Credits floerer Required privilege...

WordPress Masteriyo - LMS Plugin <= 1.11.6 is vulnerable to Broken Access Control

Software Masteriyo - LMS Type Plugin Vulnerable versions = 1.11.6 Fixed in 1.12.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43159 Patch priority Low CVSS severity Low 5.3 Developer Masteriyo PSID 1a387af06f60 Credits Ananda Dhakal Patchstack Required...