The MasterStudy LMS WordPress plugin before 2.7.6 does to validate some parameters given when registering a new account, allowing unauthenticated users to register as an admin
A vulnerability classified as critical was found in MasterStudy LMS Plugin up to 275 on WordPress (WordPress Plugin) This vulnerability affects an unknown part of the component New Account Handler The manipulation with an unknown input leads to a privileges management vulnerability The CWE definition for the vulnerability is CWE-269 The software does not properly assign,