The MasterStudy LMS WordPress Plugin WordPress plugin before 3.0.18 does not have proper checks in place during registration allowing anyone to register on the site as an instructor. They can then add courses and/or posts.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/175007/WordPress-Masterstudy-LMS-3.0.17-Account-Creation.html | |
https://wpscan.com/vulnerability/cb3173ec-9891-4bd8-9d05-24fe805b5235 | Exploit Third Party Advisory |
Configurations
History
07 Nov 2023, 04:22
Type | Values Removed | Values Added |
---|---|---|
CWE |
10 Oct 2023, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
19 Sep 2023, 16:23
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://wpscan.com/vulnerability/cb3173ec-9891-4bd8-9d05-24fe805b5235 - Exploit, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
CPE | cpe:2.3:a:stylemixthemes:masterstudy_lms:*:*:*:*:*:wordpress:*:* | |
First Time |
Stylemixthemes masterstudy Lms
Stylemixthemes |
11 Sep 2023, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-09-11 20:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-4278
Mitre link : CVE-2023-4278
CVE.ORG link : CVE-2023-4278
JSON object : View
Products Affected
stylemixthemes
- masterstudy_lms
CWE
No CWE.