Description
A vulnerability was found in Moodle affecting 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions, where users with the capability to create courses were assigned as a teacher in those courses, regardless of whether they had the capability to be automatically assigned that role.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP CSS 'wp-css-compress.php' Local File Disclosure (2.0.5)
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.30)
WordPress Plugin WP Meta and Date Remover Cross-Site Request Forgery (1.7.5)
WordPress Plugin YITH Pre-Order for WooCommerce Security Bypass (1.1.9)
WordPress Plugin GenerateBlocks Cross-Site Scripting (1.3.5)