CVE-2024-5973

Published: Jul 22, 2024Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

The MasterStudy LMS WordPress Plugin WordPress plugin before 3.3.24 does not prevent students from creating instructor accounts, which could be used to get access to functionalities they shouldn't have.

Affected (1)

Products: Stylemixthemes: Masterstudy Lms

Stylemixthemes

1 product

Masterstudy Lms

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Stylemixthemes Masterstudy Lms	Before 3.3.24

References (2)

https://wpscan.com/vulnerability/59abfb7c-d5ea-45f2-ab9a-4391978e3805/

Source: contact@wpscan.com

ExploitThird Party Advisory

https://wpscan.com/vulnerability/59abfb7c-d5ea-45f2-ab9a-4391978e3805/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.