
Masteriyo LMS EUVD-2026-36837 | CVE-2026-42743 MEDIUM
Improper Verification of Cryptographic Signature (CWE-347)
2026-06-15 · Patchstack · GHSA-jmqx-7p3p-v5pc
6.5 CVSS 3.1 · Vendor: Patchstack

Severity by source

Vendor (Patchstack), primary: 6.5 MEDIUM
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

vuln.today AI: 6.5 MEDIUM
Network-accessible JWT signature bypass requires no privileges or interaction; impacts are low-scope LMS data access and modification with no availability impact.
CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CVSS 4.0: AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (Patchstack).

CVSS Vector (Vendor: Patchstack)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: Low
Availability: None

Lifecycle Timeline

1. Analysis Generated: Jun 15, 2026 - 22:59 (vuln.today)

Description (CVE.org)

Unauthenticated Broken Authentication in Masteriyo - LMS <= 2.1.8 versions.

Analysis (AI)

Unauthenticated broken authentication in the Masteriyo LMS WordPress plugin (versions ≤2.1.8) stems from improper JWT signature verification (CWE-347), allowing remote attackers to forge authentication tokens without valid credentials and gain unauthorized access to protected LMS resources. The CVSS:3.1 vector AV:N/AC:L/PR:N/UI:N confirms fully unauthenticated, low-complexity network exploitation, enabling an attacker to impersonate enrolled students or instructors and read or modify course-related data. …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

Access: Enumerate WordPress site for Masteriyo LMS plugin
Delivery: Craft forged JWT token with target user identity
Exploit: Submit forged token to Masteriyo LMS REST API
Execution: Bypass authentication check due to improper signature verification
Impact: Access or manipulate protected course and user data as impersonated account

Vulnerability Assessment (AI)

Exploitation: The Masteriyo - LMS WordPress plugin must be installed and active on a WordPress site at version 2.1.8 or earlier. …

Risk Assessment: The CVSS 3.1 base score of 6.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) reflects a remotely exploitable, unauthenticated flaw with low attack complexity, representing a straightforward exploit path for any network-capable attacker. …

Exploit Scenario: A remote, unauthenticated attacker identifies a WordPress site running Masteriyo LMS 2.1.8 via HTTP response headers or plugin enumeration, then crafts a forged JWT payload, for example using the 'none' algorithm or a predicted/empty signing secret, to claim the identity of a known or guessed student account. The attacker submits this forged token in REST API requests to Masteriyo LMS endpoints, gaining unauthorized access to enrolled course content, personal user data, or the ability to manipulate course completion records. …

Remediation: The primary remediation is to update the Masteriyo - LMS WordPress plugin to a version above 2.1.8 as soon as a patched release is available from ThemeGrill. …
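The scenario above names the two classic CWE-347 failure modes for JWTs: honouring an attacker-supplied 'alg: none' header, and verifying against an empty or guessable secret. The advisory does not show the plugin's actual verification code, so the following is an added, self-contained Python illustration (not Masteriyo's or Patchstack's code) of a weak HS256 verifier beside a hardened one, run over constructed sample tokens. The secret, claims and token names are assumptions made up for the demo; only the standard library is used.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Callable, Optional

# Constructed signing secret for this demo only (not a real Masteriyo value).
SECRET = b"demo-secret-not-for-production-0123456789"


class TokenError(Exception):
    """Raised for any token that must not be trusted."""


def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(segment: str) -> bytes:
    # JWT drops '=' padding; restore it so the stdlib decoder accepts the segment.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def _json(obj) -> bytes:
    return json.dumps(obj, separators=(",", ":")).encode()


def sign_hs256(claims: dict, secret: bytes) -> str:
    """Issue an HS256 token; used here to build both the valid and the forged samples."""
    signing_input = _b64url_encode(_json({"alg": "HS256", "typ": "JWT"})) + "." + _b64url_encode(_json(claims))
    sig = hmac.new(secret, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + _b64url_encode(sig)


def verify_naive(token: str, secret: bytes) -> dict:
    """Weak pattern (CWE-347): trusts the attacker-controlled 'alg' header and skips 'exp'."""
    header_b64, payload_b64, sig_b64 = token.split(".")
    header = json.loads(_b64url_decode(header_b64))
    if header.get("alg") == "none":          # unsigned tokens are accepted as-is
        return json.loads(_b64url_decode(payload_b64))
    expected = hmac.new(secret, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if _b64url_encode(expected) != sig_b64:  # plain '!=' also leaks timing
        raise TokenError("bad signature")
    return json.loads(_b64url_decode(payload_b64))


def verify_hs256(token: str, secret: bytes, now: Optional[float] = None) -> dict:
    """Hardened verification: pinned algorithm, non-empty key, constant-time compare, exp check."""
    if len(secret) < 32:
        raise TokenError("signing secret missing or too short")
    parts = token.split(".")
    if len(parts) != 3:
        raise TokenError("malformed token")
    header_b64, payload_b64, sig_b64 = parts
    try:
        header = json.loads(_b64url_decode(header_b64))
        signature = _b64url_decode(sig_b64)
    except (ValueError, UnicodeDecodeError):
        raise TokenError("malformed header or signature")
    # Never let the token choose its own algorithm: 'none' and any alg switch are rejected.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise TokenError("unexpected or missing alg")
    expected = hmac.new(secret, f"{header_b64}.{payload_b64}".encode("ascii"), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, signature):
        raise TokenError("signature mismatch")
    claims = json.loads(_b64url_decode(payload_b64))
    now = time.time() if now is None else now
    if not isinstance(claims, dict) or not isinstance(claims.get("exp"), (int, float)) or claims["exp"] <= now:
        raise TokenError("token expired or missing exp")
    return claims


def _accepts(verifier: Callable[..., dict], token: str, **kw) -> bool:
    try:
        verifier(token, SECRET, **kw)
        return True
    except (TokenError, ValueError):
        return False


def demo(now: float = 1_700_000_000.0) -> dict:
    """Runs both verifiers over constructed sample tokens; returns {sample: {verifier: accepted}}."""
    claims = {"sub": 42, "role": "student", "exp": now + 3600}
    valid = sign_hs256(claims, SECRET)
    payload_b64 = valid.split(".")[1]
    samples = {
        "valid": valid,
        # Constructed forgery: 'alg: none' header, original claims, empty signature.
        "alg_none": _b64url_encode(_json({"alg": "none", "typ": "JWT"})) + "." + payload_b64 + ".",
        # Constructed forgery signed with a guessed key.
        "wrong_secret": sign_hs256(claims, b"guessed-secret-guessed-secret-guessed!!"),
        "expired": sign_hs256({**claims, "exp": now - 1}, SECRET),
    }
    return {
        name: {"naive": _accepts(verify_naive, tok), "hardened": _accepts(verify_hs256, tok, now=now)}
        for name, tok in samples.items()
    }


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:13s} naive={outcome['naive']!s:5s} hardened={outcome['hardened']}")
```

The design point is that every field of a JWT header is attacker-controlled until the signature has been checked, so the verifier must decide the algorithm and key itself rather than reading them from the token; rejecting short or empty secrets at startup closes the "empty signing secret" case before any token is ever accepted. For triage, a WordPress REST request carrying a JWT whose header decodes to `"alg":"none"` is a reliable detection signal regardless of plugin version.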
