CVE-2024-2106

Name of the Vulnerable Software and Affected Versions The MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin for WordPress versions up to, and including, 3.2.10

Description The issue allows unauthenticated attackers to extract sensitive data, including all registered users' usernames and email addresses, which can be used to help perform future attacks. This can lead to information exposure.

Recommendations For versions up to, and including, 3.2.10, update to a version higher than 3.2.10 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.