exploitDog

CVE-2024-5973

Опубликовано: 22 июл. 2024

Источник: nvd

CVSS3: 8.8

CVSS3: 9.1

EPSS Низкий

Описание

The MasterStudy LMS WordPress Plugin WordPress plugin before 3.3.24 does not prevent students from creating instructor accounts, which could be used to get access to functionalities they shouldn't have.

Ссылки

https://wpscan.com/vulnerability/59abfb7c-d5ea-45f2-ab9a-4391978e3805/
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/59abfb7c-d5ea-45f2-ab9a-4391978e3805/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:stylemixthemes:masterstudy_lms:*:*:*:*:*:wordpress:*:*

Версия до 3.3.24 (исключая)

EPSS

Процентиль: 75%

0.00856

Низкий

8.8 High

CVSS3

9.1 Critical

CVSS3

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-264v-69hm-998m

CVSS3: 8.8

github

больше 1 года назад

The MasterStudy LMS WordPress Plugin WordPress plugin before 3.3.24 does not prevent students from creating instructor accounts, which could be used to get access to functionalities they shouldn't have.

EPSS

Процентиль: 75%

0.00856

Низкий

8.8 High

CVSS3

9.1 Critical

CVSS3

Дефекты

NVD-CWE-noinfo