VYPR

MasterStudy LMS WordPress Plugin

by MasterStudy

CVEs (2)

  • CVE-2026-0559MedFeb 14, 2026
    risk 0.35cvss 6.4epss 0.00

    The MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'stm_lms_courses_grid_display' shortcode in all versions up to, and including, 3.7.11 due to insufficient input…

  • CVE-2025-13766MedJan 6, 2026
    risk 0.28cvss 5.4epss 0.00

    The MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin for WordPress is vulnerable to unauthorized modification and deletion of data due to a missing capability checks on multiple REST API endpoints in all versions up to, and including, 3.7.6. This…