Primary

Context

Masteriyo Learning Management System Authentication Bypass Vulnerability

Vulnerability

Patched

A vulnerability allowing authentication bypass has been identified in the Masteriyo Learning Management System (LMS) plugin for WordPress, affecting versions through 1.7.3. This vulnerability allows unauthorized access to course progress, potentially enabling attackers to manipulate course data or access restricted features.

Impact

Exploitation of this vulnerability allows unauthorized users to access and modify course progress information, which could be used to gain unfair advantages in course completion or assessment.

Remediation

Users of the Masteriyo LMS WordPress plugin should update to version 1.7.4 or later. Patchstack users can enable auto-update for vulnerable plugins.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

5.0

exploitability

7.6

remediation

7.7

relevance

0.0

threat

0.1

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

5.0

exploitability

7.6

remediation

7.7

relevance

0.0

threat

0.1

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Masteriyo Learning Management System Authentication Bypass Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Masteriyo Masteriyo - LMS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating