revan-ar / CVE-2023-4278

Wordpress Plugin Masterstudy LMS <= 3.0.17 - Unauthenticated Instructor Account Creation.

CVE-2023-4278

Exploit Title: Wordpress Plugin Masterstudy LMS <= 3.0.17 - Unauthenticated Instructor Account Creation
Google Dork: inurl:/user-public-account
Vendor Homepage: https://wordpress.org/plugins/masterstudy-lms-learning-management-system/
Software Link: https://stylemixthemes.com
Version: <= 3.0.17
CVE : CVE-2023-4278

Exploit

$ git clone https://github.com/revan-ar/CVE-2023-4278
$ cd CVE-2023-4278/
$ python exploit.py

References :

https://wpscan.com/vulnerability/cb3173ec-9891-4bd8-9d05-24fe805b5235

Donate

About

Wordpress Plugin Masterstudy LMS <= 3.0.17 - Unauthenticated Instructor Account Creation.

Languages

Language:Python 100.0%