A missing authorization check just handed student-level users the keys to your entire WordPress site discovered By: SecurityLab Blogger (Hunter Jensen / skid — original researcher) Published: March 25, 2026 · Updated: March 27, 2026 Imagine this. You run a thriving online course business on WordPress. You’re using Masteriyo LMS to deliver content to hundreds of…