This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.WEB_APPLICATION_SCANNING_114160LearnPress Plugin for WordPress < 4.2.5.8 Multiple Vulnerabilities
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9 High
AI Score
Confidence
Low
0.298 Low
EPSS
Percentile
97.0%
The WordPress LearnPress Plugin installed on the remote host is affected by multiple vulnerabilities :
-
An unauthenticated SQL Injection via order_by. (CVE-2023-6567)
-
An insecure direct object reference to information disclosure. (CVE-2023-6223)
-
A command injection. (CVE-2023-6634)
Note that the scanner has not tested for these issues but has instead relied only on the application’s self-reported version number.
No source data| Vendor | Product | Version | CPE |
|---|---|---|---|
| thimpress | learnpress | * | cpe:2.3:a:thimpress:learnpress:*:*:*:*:*:wordpress:*:* |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6223
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6567
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6634
wordpress.org/plugins/learnpress/
www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/learnpress/learnpress-4257-command-injection
www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/learnpress/learnpress-4257-insecure-direct-object-reference-to-information-disclosure
www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/learnpress/learnpress-4257-unauthenticated-sql-injection-via-order-by
Related
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9 High
AI Score
Confidence
Low
0.298 Low
EPSS
Percentile
97.0%