Perceptive Security
SOC/SIEM Consultancy
Incorrect Privilege Assignment vulnerability in Themeisle Masteriyo LMS PRO allows Privilege Escalation.
This issue affects Masteriyo LMS PRO: from n/a through…
Published:
1 June 2026 at 22:00:00
Alert date:
2 June 2026 at 14:01:11
Source:
nvd.nist.gov
Web Technologies, Enterprise Applications
A privilege escalation vulnerability (CVE-2025-53209) has been identified in Themeisle Masteriyo LMS PRO plugin. The vulnerability is classified as an Incorrect Privilege Assignment issue that allows attackers to escalate their privileges within the system. This security flaw affects all versions of Masteriyo LMS PRO from the initial release through version 2.20.0. The vulnerability enables unauthorized users to gain elevated access rights, potentially compromising the entire learning management system. Organizations using the affected versions should prioritize patching to prevent potential exploitation.
Technical details
Mitigation steps:
Affected products:
Themeisle Masteriyo LMS PRO
Related links:
https://nvd.nist.gov/vuln/detail/CVE-2025-53209
https://patchstack.com/database/wordpress/plugin/learning-management-system-pro/vulnerability/wordpress-masteriyo-lms-pro-2-20-0-privilege-escalation-vulnerability?_s_id=cve
Related CVE's:
Related threat actors:
IOC's:
This article was created with the assistance of AI technology by Perceptive.