Vulnerabilities in masteriyo

11 results

CVE-2024-24882CRITICALWordPress LMS by Masteriyo plugin <= 1.7.2 - Privilege Escalation vulnerabilityEPSS 2.1%CVE-2024-33939MEDIUMWordPress LMS by Masteriyo plugin <= 1.7.3 - Broken Authentication vulnerabilityEPSS 0.8%CVE-2024-10008HIGHMasteriyo LMS – eLearning and Online Course Builder for WordPress <= 1.13.3 - Authenticated (Student+) Missing Authorization to Privilege EscalationEPSS 0.6%CVE-2024-43158HIGHWordPress Masteriyo LMS plugin <= 1.11.4 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-43159MEDIUMWordPress Masteriyo LMS plugin <= 1.11.6 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-5167MEDIUMMasteriyo LMS <= 2.1.7 - Unauthenticated Authorization Bypass to Arbitrary Order Completion via Stripe Webhook EndpointEPSS 0.4%CVE-2026-4484HIGHMasteriyo LMS <= 2.1.6 - Missing Authorization to Authenticated (Student+) Privilege Escalation to AdministratorEPSS 0.4%CVE-2024-43239MEDIUMWordPress Masteriyo LMS plugin <= 1.11.4 - Insecure Direct Object Reference (IDOR) vulnerabilityEPSS 0.3%CVE-2025-64270MEDIUMWordPress Masteriyo - LMS plugin <= 2.0.3 - Sensitive Data Exposure vulnerabilityEPSS 0.3%CVE-2024-10000MEDIUMMasteriyo LMS – eLearning and Online Course Builder for WordPress <= 1.13.3 - Authenticated (Student+) Stored Cross-Site Scripting via Ask a Question FunctionalityEPSS 0.3%CVE-2025-54699MEDIUMWordPress Masteriyo - LMS Plugin plugin <= 1.18.3 - Cross Site Scripting (XSS) VulnerabilityEPSS 0.2%