CVE-2024-43158
- EPSS 0.76%
- Veröffentlicht 01.11.2024 15:15:40
- Zuletzt bearbeitet 28.05.2025 20:22:20
Missing Authorization vulnerability in Masteriyo Masteriyo - LMS allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Masteriyo - LMS: from n/a through 1.11.4.
CVE-2024-43159
- EPSS 0.24%
- Veröffentlicht 01.11.2024 15:15:40
- Zuletzt bearbeitet 28.05.2025 20:22:07
Missing Authorization vulnerability in Masteriyo Masteriyo - LMS allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Masteriyo - LMS: from n/a through 1.11.6.
CVE-2024-10000
- EPSS 0.23%
- Veröffentlicht 29.10.2024 06:15:13
- Zuletzt bearbeitet 17.05.2025 01:44:25
The Masteriyo LMS – eLearning and Online Course Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the question's content parameter in all versions up to, and including, 1.13.3 due to insufficient input saniti...
CVE-2024-10008
- EPSS 15.9%
- Veröffentlicht 29.10.2024 06:15:13
- Zuletzt bearbeitet 17.05.2025 01:43:57
The Masteriyo LMS – eLearning and Online Course Builder for WordPress plugin for WordPress is vulnerable to unauthorized user profile modification due to missing authorization checks on the /wp-json/masteriyo/v1/users/$id REST API endpoint in all ver...
CVE-2024-43239
- EPSS 0.09%
- Veröffentlicht 18.08.2024 22:15:08
- Zuletzt bearbeitet 27.05.2025 17:36:06
Authorization Bypass Through User-Controlled Key vulnerability in Masteriyo Masteriyo - LMS.This issue affects Masteriyo - LMS: from n/a through 1.11.4.
CVE-2024-24882
- EPSS 31.54%
- Veröffentlicht 17.05.2024 09:15:24
- Zuletzt bearbeitet 09.06.2025 20:06:55
Improper Privilege Management vulnerability in Masteriyo LMS allows Privilege Escalation.This issue affects LMS: from n/a through 1.7.2.