9.8
CVE-2019-15896
- EPSS 7.45%
- Veröffentlicht 10.09.2019 16:15:12
- Zuletzt bearbeitet 21.11.2024 04:29:41
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginLMS by LifterLMS <= 3.35.0 - Stored Cross-Site Scripting via Import
An issue was discovered in the LifterLMS plugin through 3.34.5 for WordPress. The upload_import function in the class.llms.admin.import.php script is prone to an unauthenticated options import vulnerability that could lead to privilege escalation (administrator account creation), website redirection, and stored XSS.
Mögliche Gegenmaßnahme
LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes: Update to version 3.35.0, or a newer patched version
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 7.45% | 0.937 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
CWE-306 Missing Authentication for Critical Function
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
https://blog.nintechnet.com/critical-vulnerability-fixed-in-wordpress-lifterlms-plugin/
https://wordpress.org/plugins/lifterlms/#developers
https://wpvulndb.com/vulnerabilities/9871
https://www.wordfence.com/threat-intel/vulnerabilities/id/4fa04a97-0be1-4710-ae97-5820ccbddc1e