Critical Bugs Found in 3 Popular e-Learning Plugins for WordPress Sites
Security researchers are sounding the alarm over newly discovered vulnerabilities in some popular online learning management system (LMS) plugins that various organizations and universities use to offer online training courses through their WordPress-based websites. According to the Check Point...
WordPress LearnPress Plugin SQL Injection
An SQL injection vulnerability exists in the WordPress LearnDash Plugin. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
WordPress LearnPress Plugin Privilege Escalation
A privilege escalation vulnerability exists in the WordPress LearnPress Plugin Server. A remote attacker may exploit this vulnerability to execute arbitrary code with administrator privileges...
WordPress LearnPress plugin <= 3.2.6.7 - Privilege Escalation vulnerability
Privilege Escalation vulnerability discovered in WordPress LearnPress plugin versions <= 3.2.6.7. Solution: Update the WordPress LearnPress plugin to the latest available version (at least 3.2.6.8)...
Learnpress < 3.2.6.8 - Authenticated Time Based Blind SQL Injection
This could allow a low-privilege user to perform a time-based SQL injection attack and retrieve data from the DB, such as hashed passwords...
WordPress LearnPress plugin <= 3.2.6.7 - Authenticated Time Based Blind SQL Injection (SQLi) vulnerability
Authenticated Time Based Blind SQL Injection (SQLi) vulnerability discovered in WordPress LearnPress plugin versions <= 3.2.6.7. Solution: Update the WordPress LearnPress plugin to the latest available version (at least 3.2.6.8)...
WordPress LearnPress plugin <= 3.2.6.8 - Authenticated Page Creation and Status Modification vulnerability
Authenticated Page Creation and Status Modification vulnerability discovered by WordFence in WordPress LearnPress plugin versions <= 3.2.6.8. Solution: Update the WordPress LearnPress plugin to the latest available version (at least 3.2.6.9)...
LearnPress < 3.2.6.9 - Privilege Escalation to "LP Instructor"
The LearnPress plugin through 3.2.6.8 for WordPress allows remote attackers to escalate the privileges of any user to LP Instructor via the accept-to-be-teacher action parameter. The "LP Instructor" role grants the "unfiltered_html" capability, allowing an escalated user to insert posts containing...
LearnPress < 3.2.6.9 - Authenticated Post Creation and Status Modification
The LearnPress plugin for WordPress allows authenticated remote attackers with minimal permissions to create pages with arbitrary titles, or modify the publication status of any existing page, via the learnpress_create_page or learnpress_update_order_status AJAX actions...
WordPress LearnPress Information Disclosure Vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. LearnPress is a learning management system plugin used in it. A security vulnerability exists in the be_teacher file in the...
CVE-2020-7916
be_teacher in class-lp-admin-ajax.php in the LearnPress plugin 3.2.6.5 and earlier for WordPress allows any registered user to assign itself the teacher role via the wp-admin/admin-ajax.php?action=learnpress_be_teacher URI without any additional permission checks. Therefore, any user can change its...
Authentication flaw
be_teacher in class-lp-admin-ajax.php in the LearnPress plugin 3.2.6.5 and earlier for WordPress allows any registered user to assign itself the teacher role via the wp-admin/admin-ajax.php?action=learnpress_be_teacher URI without any additional permission checks. Therefore, any user can change its...
CVE-2020-7916
Summary: CVE-2020-7916 affects WordPress LearnPress plugin versions 3.2.6.5 and earlier. The flaw resides in be_teacher in class-lp-admin-ajax.php, allowing any registered/authenticated user to call wp-admin/admin-ajax.php?action=learnpress_be_teacher and grant themselves the teacher role without...
WordPress LearnPress plugin <= 3.2.6.6 - Privilege Escalation vulnerability
Privilege Escalation vulnerability discovered in WordPress LearnPress plugin versions <= 3.2.6.6. Solution: Update the WordPress LearnPress plugin to the latest available version (at least 3.2.6.7)...
LearnPress < 3.2.6.7 - Privilege Escalation
Any authenticated user can change its role to an instructor/teacher and gain access to otherwise restricted data...
CVE-2018-16174
Open redirect vulnerability in LearnPress prior to version 3.1.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...
CVE-2018-16175
SQL injection vulnerability in LearnPress prior to version 3.1.0 allows an attacker with administrator rights to execute arbitrary SQL commands via unspecified vectors...