PT-2024-20262 · WordPress · Masterstudy Lms
Hiroho Shimada · Published 2024-03-29 · Updated 2025-02-13
CVE-2024-2409 · CVSS v3.1 9.8 Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
MasterStudy LMS plugin for WordPress versions up to, and including, 3.3.1
Description
The issue is due to insufficient validation checks within the register_user() function called by the 'wp_ajax_nopriv_stm_lms_register' AJAX action. Because the action is registered under the wp_ajax_nopriv_ prefix, WordPress dispatches it for requests that carry no session at all, so the missing checks in the handler are reachable by anyone who can send a POST to wp-admin/admin-ajax.php. This allows unauthenticated attackers to register a user with administrator-level privileges when MasterStudy LMS Pro is installed and the LMS Forms Editor add-on is enabled.
Recommendations
For MasterStudy LMS plugin for WordPress versions up to, and including, 3.3.1: update the plugin immediately to secure the WordPress site.
As a temporary workaround, consider disabling the register_user() function or restricting access to the 'wp_ajax_nopriv_stm_lms_register' AJAX action until the update can be applied.
After updating, review the site's administrator accounts (for example with WP-CLI: wp user list --role=administrator --fields=ID,user_login,user_email,user_registered) for any account created while the vulnerable version was installed. An administrator account nobody on the team created should be treated as a compromise of the site, not as a stray registration: remove it, rotate credentials and API keys, and check for persistence it may have left behind.
Fix
Update to a release later than 3.3.1; the affected range is all versions up to and including 3.3.1.
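The following is an added illustration for this advisory, not MasterStudy LMS's own code and not an exploit. It shows the class of bug the description names (a handler on an unauthenticated wp_ajax_nopriv_ action that forwards a caller-supplied role to wp_insert_user()), the hardened form a developer would write, and a drop-in mu-plugin implementing the workaround from the Recommendations (refusing the 'wp_ajax_nopriv_stm_lms_register' action before the plugin's callback runs). Every name prefixed example_, the nonce action name, and the form field names are assumptions made for the example; only the hook name in part 3 is taken from the advisory.

```php
<?php
/**
 * Plugin Name: stm_lms_register hardening example
 * Description: Added illustration for this advisory, not MasterStudy LMS code.
 * Placing this file in wp-content/mu-plugins/ activates the workaround in part 3.
 */

// 1. The bug class. This hypothetical handler is NOT the plugin's source; it
//    reproduces the pattern the advisory describes: a callback on a
//    wp_ajax_nopriv_ action (reachable without a session) that forwards request
//    fields, including a caller-supplied 'role', straight to wp_insert_user().
function example_vulnerable_register() {
	$fields = wp_unslash( $_POST );
	unset( $fields['action'] );
	// A 'role' => 'administrator' field in the POST body becomes the new
	// account's role, because nothing here restricts which keys are forwarded.
	$user_id = wp_insert_user( $fields );
	if ( is_wp_error( $user_id ) ) {
		wp_send_json_error( $user_id->get_error_message(), 400 );
	}
	wp_send_json_success( [ 'user_id' => $user_id ] );
}

// 2. Hardened form: CSRF nonce, the site's registration switch, allow-listed
//    fields only, and a role fixed server-side. The nonce action name
//    'example_lms_register' is an assumption.
function example_hardened_register() {
	check_ajax_referer( 'example_lms_register', 'nonce' );
	if ( ! get_option( 'users_can_register' ) ) {
		wp_send_json_error( 'Registration is closed.', 403 );
	}
	$login = sanitize_user( wp_unslash( $_POST['user_login'] ?? '' ), true );
	$email = sanitize_email( wp_unslash( $_POST['user_email'] ?? '' ) );
	$pass  = (string) ( $_POST['user_password'] ?? '' );
	if ( '' === $login || ! is_email( $email ) || strlen( $pass ) < 12 ) {
		wp_send_json_error( 'Invalid registration data.', 400 );
	}
	$user_id = wp_insert_user( [
		'user_login' => $login,
		'user_email' => $email,
		'user_pass'  => $pass,
		// Never read from the request; any other field the form sends is dropped.
		'role'       => get_option( 'default_role', 'subscriber' ),
	] );
	if ( is_wp_error( $user_id ) ) {
		wp_send_json_error( $user_id->get_error_message(), 400 );
	}
	wp_send_json_success( [ 'user_id' => $user_id ] );
}

// 3. Interim workaround: refuse the unauthenticated action before the plugin's
//    own callback runs. mu-plugins load before regular plugins and PHP_INT_MIN
//    is the lowest possible priority, so this callback is first on the hook;
//    wp_send_json_error() ends the request through wp_die(), so the vulnerable
//    register_user() is never reached. The logged-in wp_ajax_ variant is left
//    untouched, so nothing changes for existing sessions.
add_action( 'wp_ajax_nopriv_stm_lms_register', function () {
	wp_send_json_error( [ 'message' => 'Registration is temporarily disabled.' ], 403 );
}, PHP_INT_MIN );
```

To confirm the workaround is active, an unauthenticated request such as curl -s -o /dev/null -w '%{http_code}' -d 'action=stm_lms_register' https://example.com/wp-admin/admin-ajax.php should now return 403. While the mu-plugin is in place, legitimate front-end student sign-up through the same action is blocked too, so remove it once the plugin has been updated.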
Weakness Enumeration
Incorrect Privilege Assignment (CWE-266)
Related Identifiers
CVE-2024-2409
Affected Products
Masterstudy Lms