Skip to main content

MasterStudy LMS CVE-2026-57640

| EUVDEUVD-2026-39755 MEDIUM
Missing Authorization (CWE-862)
2026-06-26 audit@patchstack.com GHSA-48jq-5gpf-vwj9
4.3
CVSS 3.1 · Vendor: patchstack
Share

Severity by source

Vendor (patchstack) PRIMARY
4.3 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
vuln.today AI
4.3 MEDIUM

Subscriber account (PR:L) is the sole access requirement; endpoint is network-reachable with no special conditions; only limited integrity impact is evident with no confidentiality or availability effect.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (patchstack).

CVSS VectorVendor: patchstack

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
None

Lifecycle Timeline

1
Analysis Generated
Jun 26, 2026 - 16:12 vuln.today

DescriptionCVE.org

Subscriber Broken Access Control in MasterStudy LMS <= 3.7.30 versions.

AnalysisAI

Broken Access Control in the MasterStudy LMS WordPress plugin (versions ≤ 3.7.30) permits authenticated subscriber-level users to perform actions that exceed their intended permissions. Rooted in CWE-862 (Missing Authorization), the plugin fails to enforce capability checks on one or more endpoints, allowing low-privileged registered users to make unauthorized integrity-affecting modifications. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Register or obtain subscriber-level WordPress account
Delivery
Authenticate to target site
Exploit
Send crafted request to unprotected plugin endpoint
Execution
Bypass missing authorization check
Impact
Perform unauthorized integrity-affecting modification within LMS scope

Vulnerability AssessmentAI

Exploitation Exploitation requires a valid WordPress user account with at minimum the subscriber role - the lowest authenticated WordPress role, typically granted automatically upon site registration. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.3 Medium score is consistent with the attack profile: network-exploitable (AV:N), low complexity (AC:L), low-privilege required (PR:L), no user interaction (UI:N), unchanged scope (S:U), and limited integrity impact (I:L). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker registers a free subscriber account on a WordPress site running MasterStudy LMS ≤ 3.7.30 (or uses an existing student/learner account) and, after authenticating, sends crafted HTTP requests directly to the plugin's unprotected AJAX or REST endpoints that normally require elevated privileges. The missing authorization check allows the subscriber to perform actions such as modifying course content, altering enrollment records, or accessing restricted course materials intended only for administrators or instructors. …
Remediation Update the MasterStudy LMS plugin to a version above 3.7.30; the exact patched release should be verified through the Patchstack advisory at https://patchstack.com/database/wordpress/plugin/masterstudy-lms-learning-management-system/vulnerability/wordpress-masterstudy-lms-plugin-3-7-30-broken-access-control-vulnerability or the official WordPress plugin repository, as the specific fixed version was not confirmed in the available intelligence. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-57640 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy