top of page
perceptive_background_267k.jpg

Incorrect Privilege Assignment vulnerability in Themeisle Masteriyo LMS PRO allows Privilege Escalation.

This issue affects Masteriyo LMS PRO: from n/a through…

Published:

1 juni 2026 om 22:00:00

Alert date:

2 juni 2026 om 11:00:30

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies, Enterprise Applications

A privilege escalation vulnerability (CVE-2025-53209) has been identified in Themeisle Masteriyo LMS PRO, a WordPress learning management system plugin. The vulnerability is caused by incorrect privilege assignment, allowing attackers to escalate their privileges within the system. This security flaw affects all versions of Masteriyo LMS PRO from the initial release through version 2.20.0. The vulnerability could potentially allow unauthorized users to gain elevated access to the LMS platform, compromising the security of educational content and user data. Organizations using the affected versions should prioritize updating to a patched version when available.

Technical details

Mitigation steps:

Affected products:

Themeisle Masteriyo LMS PRO

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2025-53209
https://patchstack.com/database/wordpress/plugin/learning-management-system-pro/vulnerability/wordpress-masteriyo-lms-pro-2-20-0-privilege-escalation-vulnerability?_s_id=cve

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page