CVE-2025-64215 PUBLISHED

WordPress MasterStudy LMS Pro plugin < 4.7.16 - Broken Access Control vulnerability

Assigner: Patchstack
Reserved: 29.10.2025 Published: 15.06.2026 Updated: 15.06.2026

Missing Authorization vulnerability in StylemixThemes MasterStudy LMS Pro allows Accessing Functionality Not Properly Constrained by ACLs.

This issue affects MasterStudy LMS Pro: from n/a before 4.7.16.

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
CVSS Score: 6.5

CVSS 3.1

Vendor	StylemixThemes
Product	MasterStudy LMS Pro
Versions	Default: unaffected affected from n/a to 4.7.16 (excl.)

Update the WordPress MasterStudy LMS Pro Plugin to the latest available version (at least 4.7.16).