A vulnerability was found in MasterStudy LMS Pro Plugin up to 4.7.0 on WordPress. It has been rated as critical. This issue affects the function stm_lms_add_assignment_attachment. The manipulation leads to unrestricted upload.

The identification of this vulnerability is CVE-2025-4800. The attack may be initiated remotely. There is no exploit available.