Vulnerability Database

309,364

Total vulnerabilities in the database

CVE-2023-3345

The LMS by Masteriyo WordPress plugin before 1.6.8 does not have proper authorization in one some of its REST API endpoints, making it possible for any students to retrieve email addresses of other students

Published: Jul 31, 2023
Updated: Nov 16, 2025
CVE: CVE-2023-3345
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
themegrill / masteriyo	-	1.6.8

https://wpscan.com/vulnerability/0d07423e-98d2-43a3-824d-562747a3d65a

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo