CyberRota
← Ana sayfaya dön

CVE-2026-10824

MEDIUM · CVSS 6.5 EPSS %0.16

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-25T07:16:44.767 · Çekilme zamanı: 2026-06-30T18:33:17.971581+00:00

CyberRota Yorumu

Saldırganın giriş yapmış olması gerekebilir.

CVE
CVE-2026-10824
Severity
MEDIUM
CVSS
6.5
EPSS
%0.16
WordPress

Orijinal NVD Açıklaması

The Masteriyo LMS WordPress plugin before 2.2.1 does not perform authorization checks in a course-progress REST API controller, allowing unauthenticated users to read and permanently delete any user's course-progress records.