6.5
CVE-2024-1289
- EPSS 0.2%
- Veröffentlicht 09.04.2024 19:15:15
- Zuletzt bearbeitet 09.01.2025 17:41:10
- Quelle security@wordfence.com
- CVE-Watchlists
- Unerledigt
LoginLearnPress <= 4.2.6.3 - Insecure Direct Object Reference
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.2.6.3 due to missing validation on a user controlled key when looking up order information. This makes it possible for authenticated attackers to obtain information on orders placed by other users and guests, which can be leveraged to sign up for paid courses that were purchased by guests. Emails of other users are also exposed.
Mögliche Gegenmaßnahme
LearnPress – WordPress LMS Plugin for Create and Sell Online Courses: Update to version 4.2.6.4, or a newer patched version
Weitere Schwachstelleninformationen
SystemWordPress Plugin
≫
Produkt
LearnPress – WordPress LMS Plugin for Create and Sell Online Courses
Version
*-4.2.6.3
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Thimpress ≫ Learnpress SwPlatformwordpress Version < 4.2.6.4
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.2% | 0.422 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.4 | 2.8 | 2.5 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
|
| security@wordfence.com | 6.5 | 3.9 | 2.5 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
|
CWE-639 Authorization Bypass Through User-Controlled Key
The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.