CVE-2024-5973

The MasterStudy LMS WordPress Plugin WordPress plugin before 3.3.24 does not prevent students from creating instructor accounts, which could be used to get access to functionalities they shouldn't have.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:stylemixthemes:masterstudy_lms:*:*:*:*:*:wordpress:*:*

History

25 Jul 2024, 15:18

Type Values Removed Values Added
CWE NVD-CWE-noinfo
CPE cpe:2.3:a:stylemixthemes:masterstudy_lms:*:*:*:*:*:wordpress:*:*
References () https://wpscan.com/vulnerability/59abfb7c-d5ea-45f2-ab9a-4391978e3805/ - () https://wpscan.com/vulnerability/59abfb7c-d5ea-45f2-ab9a-4391978e3805/ - Exploit, Third Party Advisory
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 8.8
First Time Stylemixthemes masterstudy Lms
Stylemixthemes

22 Jul 2024, 13:00

Type Values Removed Values Added
Summary
  • (es) El complemento de WordPress MasterStudy LMS WordPress Plugin anterior a 3.3.24 no impide que los estudiantes creen cuentas de instructor, que podrían usarse para obtener acceso a funcionalidades que no deberían tener.

22 Jul 2024, 06:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-22 06:15

Updated : 2024-08-01 14:00


NVD link : CVE-2024-5973

Mitre link : CVE-2024-5973

CVE.ORG link : CVE-2024-5973


JSON object : View

Products Affected

stylemixthemes

  • masterstudy_lms