Exploit for Improper Privilege Management in Stylemixthemes Masterstudy Lms CVE-2023-4278

Name: Exploit for Improper Privilege Management in Stylemixthemes Masterstudy Lms CVE-2023-4278
Rating: 5 (93 reviews)

2023-09-04 | CVSS 5.0

## https://sploitus.com/exploit?id=A1FBFBD4-218F-5574-9BF6-46D1D332876B
# CVE-2023-4278

[![made-with-python](https://img.shields.io/badge/Made%20with-Python-1f425f.svg)](https://www.python.org/)



![[vulnerable.png]](./vulnerable.png)



```
Exploit Title: Wordpress Plugin Masterstudy LMS <= 3.0.17 - Unauthenticated Instructor Account Creation
Google Dork: inurl:/user-public-account
Vendor Homepage: https://wordpress.org/plugins/masterstudy-lms-learning-management-system/
Software Link: https://stylemixthemes.com
Version: <= 3.0.17
CVE : CVE-2023-4278
```

### Exploit
```
$ git clone https://github.com/revan-ar/CVE-2023-4278
$ cd CVE-2023-4278/
$ python exploit.py
```

### References :
- https://wpscan.com/vulnerability/cb3173ec-9891-4bd8-9d05-24fe805b5235

### Donate
[!["Buy Me A Coffee"](https://www.buymeacoffee.com/assets/img/custom_images/yellow_img.png)](https://www.buymeacoffee.com/revan.ar)