Themegrill Masteriyo vulnerabilities
3 known vulnerabilities affecting themegrill/masteriyo.
Total CVEs
3
CISA KEV
0
Public exploits
3
Exploited in wild
2
Severity breakdown
CRITICAL1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2024-24882P1CRITICALCVSS 9.8ExploitedPoCfixed in 1.7.32024-05-17
CVE-2024-24882 [CRITICAL] CWE-266 CVE-2024-24882: Incorrect Privilege Assignment vulnerability in masteriyo Masteriyo - LMS learning-management-system
Incorrect Privilege Assignment vulnerability in masteriyo Masteriyo - LMS learning-management-system.This issue affects Masteriyo - LMS: from n/a through <= 1.7.2.
nvd
CVE-2024-33939P1MEDIUMCVSS 5.3ExploitedPoCfixed in 1.7.42025-05-19
CVE-2024-33939 [MEDIUM] CWE-288 CVE-2024-33939: Authentication Bypass Using an Alternate Path or Channel vulnerability in masteriyo Masteriyo - LMS
Authentication Bypass Using an Alternate Path or Channel vulnerability in masteriyo Masteriyo - LMS learning-management-system.This issue affects Masteriyo - LMS: from n/a through <= 1.7.3.
nvd
CVE-2023-3345P3MEDIUMCVSS 6.5PoCfixed in 1.6.82023-07-31
CVE-2023-3345 [MEDIUM] CWE-863 CVE-2023-3345: The LMS by Masteriyo WordPress plugin before 1.6.8 does not have proper authorization in one some of
The LMS by Masteriyo WordPress plugin before 1.6.8 does not have proper authorization in one some of its REST API endpoints, making it possible for any students to retrieve email addresses of other students
nvd