Description
The MasterStudy LMS Pro plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'install_and_activate_plugin' function in all versions up to, and including, 4.7.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. The vulnerability is difficult to exploit due to timing requirements and environmental factors.
Published: 2025-07-18
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Potential for remote code execution via authenticated file upload
Action: Patch Now
AI Analysis

Impact

The MasterStudy LMS Pro plugin for WordPress allows authenticated users with Subscriber-level access or higher to upload arbitrary files because the 'install_and_activate_plugin' function does not sufficiently validate the file type. This is an unrestricted file upload (CWE-434): any file can be placed on the server, so an attacker could deposit code that executes remotely if the directory it lands in is web-executable. Exploitation is not trivial, as it requires the right timing and environmental conditions, but once a file is placed the potential for serious compromise exists.

Affected Systems

All releases of the StylemixThemes MasterStudy LMS Pro plugin for WordPress up to and including version 4.7.9 are affected. The flaw lies in the file upload handling bundled with these releases, so any WordPress site running one of them is at risk.

Risk and Exploitability

The CVSS score of 7.5 indicates high severity, but the EPSS score of less than 1% shows that exploitation is considered unlikely based on current data. The vulnerability is not listed in CISA's KEV catalog, meaning there is no public report of active exploitation. Attackers must first authenticate with at least Subscriber privileges and then upload a malicious file; environmental constraints such as timing make successful exploitation more challenging, but not impossible.

Generated by OpenCVE AI on April 22, 2026 at 14:39 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade MasterStudy LMS Pro to version 4.8.0 or newer to apply the vendor patch that implements type validation for uploads
  • Restrict the ability for Subscriber and lower roles to perform plugin uploads or activations by adjusting WordPress role capabilities or using a role-management plugin
  • Configure the web server so that uploaded files are stored in a non-executable directory and set PHP execution permissions to deny execution of arbitrary files
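As an added hardening example for the third action above (this is not code from the OpenCVE page or from the plugin vendor), the nginx server fragment below refuses to hand any PHP-like file under the WordPress uploads directory to PHP-FPM, so a file dropped there is served as a 403 rather than executed. It assumes the standard wp-content/uploads path, a site root of /var/www/html and a PHP-FPM socket at /run/php/php-fpm.sock; all three are assumptions and must be adjusted to the deployment. It only helps for files that land in a directory where PHP is never meant to run; it does nothing for a file written into a directory such as wp-content/plugins, where PHP execution is expected, so it complements the upgrade rather than replacing it.

```nginx
# Added example, not from the page: deny PHP execution under wp-content/uploads.
# Assumed paths: WordPress root /var/www/html, PHP-FPM at unix:/run/php/php-fpm.sock.
server {
    listen 80;
    server_name example.com;        # placeholder host
    root /var/www/html;
    index index.php;

    # Regex locations are tried in order of appearance, so this block must come
    # before the generic PHP handler. Any .php/.phtml/.phar/.phpN file under the
    # uploads tree is rejected outright instead of being passed to PHP-FPM.
    location ~* ^/wp-content/uploads/.*\.(php|phtml|phar|php[0-9])$ {
        deny all;
    }

    # Generic PHP handler for the rest of WordPress.
    location ~ \.php$ {
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_pass unix:/run/php/php-fpm.sock;
    }

    # Standard WordPress front controller.
    location / {
        try_files $uri $uri/ /index.php?$args;
    }
}
```

After reloading nginx, a request for a PHP file path under /wp-content/uploads/ should return 403 while normal PHP pages keep working; pair this with filesystem permissions that prevent the PHP worker from writing outside the directories it genuinely needs.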

Advisories
Source: EUVD
ID: EUVD-2025-21857
Title: The MasterStudy LMS Pro plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'install_and_activate_plugin' function in all versions up to, and including, 4.7.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. The vulnerability is difficult to exploit due to timing requirements and environmental factors.
History

Fri, 18 Jul 2025 13:15:00 +0000

Metrics (ssvc), values added:
{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 18 Jul 2025 07:00:00 +0000

Values added:
Description: The MasterStudy LMS Pro plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'install_and_activate_plugin' function in all versions up to, and including, 4.7.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. The vulnerability is difficult to exploit due to timing requirements and environmental factors.
Title: MasterStudy LMS – Online Courses, eLearning PRO Plus <= 4.7.9 - Authenticated (Subscriber+) Arbitrary File Upload
Weaknesses: CWE-434
References:
Metrics (cvssV3_1):
{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T16:38:08.249Z

Reserved: 2025-07-10T17:37:03.103Z

Link: CVE-2025-7438

Vulnrichment

Updated: 2025-07-18T13:03:06.132Z

NVD

Status: Deferred

Published: 2025-07-18T07:15:24.913

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-7438

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-22T14:45:19Z

Weaknesses