Description The plugin does not have proper checks in place during registration allowing anyone to register on the site as an instructor. They can then add courses and/or posts.
1. Visit the Profiles Settings page for the plugin: MS LMS > LMS Settings > Profiles 2. Ensure that “Disable Instructor Registration” and “Disable Instructor Pre-moderation” are both “On”. Save settings. 3. On a course page, click “Enroll Course” 4. Register a new user. Intercept the request, ex: {"user_login":"user123","user_email":"[email protected]","user_password":"Password123","user_password_re":"Password123","become_instructor":"true","privacy_policy":true,"degree":"","expertize":"","auditory":"","additional":[],"additional_instructors":[],"profile_default_fields_for_register":[],"redirect_page":"http://site.com/user-account/"}
4. Change the become_instructor
value to true
5. The account will have instructor privileges, allowing them to add new courses and publish blog posts for review.
CPE | Name | Operator | Version |
---|---|---|---|
eq | 3.0.18 |