AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2023-4278: The MasterStudy LMS WordPress Plugin WordPress plugin before 3.0.18 does not have proper checks in place during registra

highvulnerability

security

Source: NVD/CVE DatabaseSeptember 11, 2023CVE-2023-4278

Summary

The MasterStudy LMS WordPress plugin before version 3.0.18 has a registration vulnerability that allows anyone to bypass security checks and create an instructor account without proper verification. Once registered as an instructor, attackers can add courses and posts to the site, potentially compromising its content and structure.

Solution / Mitigation

Update the MasterStudy LMS WordPress plugin to version 3.0.18 or later.

Vulnerability Details

CVSS Score

7.5(high)

EPSS (30-day exploit probability)

EPSS: 21.3%

Classification

Attack SophisticationTrivial

Original source: https://nvd.nist.gov/vuln/detail/CVE-2023-4278

First tracked: February 15, 2026 at 08:37 PM

Classified by LLM (prompt v3) · confidence: 95%