EXPLOITDB-EDB-50752

EXPLOITDB text WORKING POC

Exploit for CVE-2022-0441 - MasterStudy LMS <2.7.6 - Info Disclosure

AI Analysis

This exploit demonstrates an unauthenticated admin account creation vulnerability in WordPress Plugin MasterStudy LMS versions <2.7.6. It sends a crafted POST request to the admin-ajax.php endpoint with a JSON payload that includes administrator capabilities, bypassing normal registration restrictions.

Attack Type

auth_bypass

Complexity

trivial

Reliability

reliable

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

Loading exploit code...

Download ZIP Password: eip

Source

Platform Exploitdb

Type webapps

Platform php

Language text

Files 1

https://www.exploit-db.com/exploits/50752

Authors

numan türle

Vulnerability

CVE-2022-0441

MasterStudy LMS <2.7.6 - Info Disclosure

CRITICAL

CVSS 9.8