[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fF01YFS9MihhQ1EycclhUT9GL2Alwqi6C3GwKVPhqfeY":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20,"patch_diff_files":21,"patch_trac_url":9,"research_status":30,"research_verified":31,"research_rounds_completed":32,"research_plan":33,"research_summary":9,"research_vulnerable_code":9,"research_fix_diff":9,"research_exploit_outline":9,"research_model_used":34,"research_started_at":35,"research_completed_at":36,"research_error":9,"poc_status":9,"poc_video_id":9,"poc_summary":9,"poc_steps":9,"poc_tested_at":9,"poc_wp_version":9,"poc_php_version":9,"poc_playwright_script":9,"poc_exploit_code":9,"poc_has_trace":31,"poc_model_used":9,"poc_verification_depth":9,"poc_exploit_code_gated":31,"source_links":37},"CVE-2026-39524","masteriyo-lms-online-course-builder-for-elearning-lms-education-missing-authorization","Masteriyo LMS – Online Course Builder for eLearning, LMS & Education \u003C= 2.1.5 - Missing Authorization","The Masteriyo LMS – Online Course Builder for eLearning, LMS & Education plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 2.1.5. 
This makes it possible for unauthenticated attackers to perform an unauthorized action.","learning-management-system",null,"\u003C=2.1.5","2.1.6","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2026-04-08 00:00:00","2026-04-15 19:03:58",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F73b4e081-caa8-4055-91e2-11979df20159?source=api-prod",8,[22,23,24,25,26,27,28,29],"addons\u002Felementor-integration\u002FHelper.php","addons\u002Fstripe\u002FStripeAddon.php","changelog.txt","composer.json","i18n\u002Flanguages\u002Flearning-management-system.pot","lms.php","readme.txt","uninstall.php","researched",false,3,"# Vulnerability Research Plan: CVE-2026-39524 - Masteriyo LMS Missing Authorization\n\n## 1. Vulnerability Summary\nThe **Masteriyo LMS** plugin (up to version 2.1.5) contains a missing authorization vulnerability in its Stripe integration addon. Specifically, the function `save_stripe_account()` in `Masteriyo\\Addons\\Stripe\\StripeAddon` is responsible for updating sensitive Stripe settings (including `stripe_user_id` and `sandbox` mode). \n\nWhile the function is hooked to `admin_head` and performs a nonce check (`masteriyo_stripe_nonce`), it **fails to perform a capability check** (e.g., `current_user_can('manage_options')`). A WordPress nonce only protects against request forgery and does not establish who the caller is, so the nonce check cannot stand in for the capability check. If an attacker can obtain a valid `masteriyo_stripe_nonce` (which is often leaked in public localized scripts or during unauthenticated interactions) and trick the environment into satisfying the `get_current_screen()` check, or if the logic is reachable via other means, they can manipulate the plugin's payment configuration.\n\n## 2. 
Attack Vector Analysis\n- **Endpoint:** `wp-admin\u002Fadmin.php?page=masteriyo` (or any URL that satisfies the `toplevel_page_masteriyo` screen check).\n- **Hook:** `admin_head` via `StripeAddon::save_stripe_account`.\n- **Vulnerable Parameters:** `nonce`, `accountId`, `mode`.\n- **Authentication:** Unauthenticated (if the nonce","gemini-3-flash-preview","2026-04-17 20:19:45","2026-04-17 20:20:39",{"type":38,"vulnerable_version":39,"fixed_version":11,"vulnerable_browse":40,"vulnerable_zip":41,"fixed_browse":42,"fixed_zip":43,"all_tags":44},"plugin","2.1.5","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Flearning-management-system\u002Ftags\u002F2.1.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flearning-management-system.2.1.5.zip","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Flearning-management-system\u002Ftags\u002F2.1.6","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flearning-management-system.2.1.6.zip","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Flearning-management-system\u002Ftags"]