AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2024-5973: The MasterStudy LMS WordPress Plugin WordPress plugin before 3.3.24 does not prevent students from creating instructor

highvulnerability

security

Source: NVD/CVE DatabaseJuly 22, 2024CVE-2024-5973

Summary

The MasterStudy LMS WordPress Plugin (a learning management system add-on for WordPress) before version 3.3.24 has a security flaw where students can create instructor accounts, giving them access to features they shouldn't be able to use. This vulnerability allows unauthorized privilege escalation (gaining higher-level permissions than intended).

Solution / Mitigation

Update the MasterStudy LMS WordPress Plugin to version 3.3.24 or later.

Vulnerability Details

CVSS Score

8.8(high)

EPSS (30-day exploit probability)

EPSS: 0.9%

Classification

Attack SophisticationTrivial

Original source: https://nvd.nist.gov/vuln/detail/CVE-2024-5973

First tracked: February 15, 2026 at 08:37 PM

Classified by LLM (prompt v3) · confidence: 95%