Description
WordPress Plugin MasterStudy LMS-for Online Courses and Education is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently expose draft post titles and excerpts. WordPress Plugin MasterStudy LMS-for Online Courses and Education version 3.2.13 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 3.3.0 or latest
References
Related Vulnerabilities
WordPress Plugin Basic Google Maps Placemarks Cross-Site Scripting (1.10.2)
WordPress Plugin Mingle Forum Cross-Site Scripting (1.0.28)
Joomla! Core 3.x.x Cross-Site Request Forgery (3.2.0 - 3.4.5)
WordPress Plugin Top Quark Architecture 'script.php' Arbitrary File Upload (2.1.0)
WordPress Plugin All-in-One Event Calendar Multiple Cross-Site Scripting Vulnerabilities (1.5)