Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Subscriber account (PR:L) is the sole access requirement; endpoint is network-reachable with no special conditions; only limited integrity impact is evident with no confidentiality or availability effect.
Primary rating from Vendor (patchstack).
CVSS VectorVendor: patchstack
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Lifecycle Timeline
1DescriptionCVE.org
Subscriber Broken Access Control in MasterStudy LMS <= 3.7.30 versions.
AnalysisAI
Broken Access Control in the MasterStudy LMS WordPress plugin (versions ≤ 3.7.30) permits authenticated subscriber-level users to perform actions that exceed their intended permissions. Rooted in CWE-862 (Missing Authorization), the plugin fails to enforce capability checks on one or more endpoints, allowing low-privileged registered users to make unauthorized integrity-affecting modifications. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires a valid WordPress user account with at minimum the subscriber role - the lowest authenticated WordPress role, typically granted automatically upon site registration. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.3 Medium score is consistent with the attack profile: network-exploitable (AV:N), low complexity (AC:L), low-privilege required (PR:L), no user interaction (UI:N), unchanged scope (S:U), and limited integrity impact (I:L). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker registers a free subscriber account on a WordPress site running MasterStudy LMS ≤ 3.7.30 (or uses an existing student/learner account) and, after authenticating, sends crafted HTTP requests directly to the plugin's unprotected AJAX or REST endpoints that normally require elevated privileges. The missing authorization check allows the subscriber to perform actions such as modifying course content, altering enrollment records, or accessing restricted course materials intended only for administrators or instructors. … |
| Remediation | Update the MasterStudy LMS plugin to a version above 3.7.30; the exact patched release should be verified through the Patchstack advisory at https://patchstack.com/database/wordpress/plugin/masterstudy-lms-learning-management-system/vulnerability/wordpress-masterstudy-lms-plugin-3-7-30-broken-access-control-vulnerability or the official WordPress plugin repository, as the specific fixed version was not confirmed in the available intelligence. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-862 – Missing Authorization
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-39755
GHSA-48jq-5gpf-vwj9