Lucene search

[email protected]NVD:CVE-2024-1289

HistoryApr 09, 2024 - 7:15 p.m.

CVE-2024-1289

2024-04-0919:15:15

[email protected]

web.nvd.nist.gov

learnpress

wordpress

lms plugin

insecure direct object reference

vulnerable

user control

orders

authenticated

attackers

information exposure

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

6.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.2%

JSON

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.2.6.3 due to missing validation on a user controlled key when looking up order information. This makes it possible for authenticated attackers to obtain information on orders placed by other users and guests, which can be leveraged to sign up for paid courses that were purchased by guests. Emails of other users are also exposed.

References

plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3042945%40learnpress%2Ftags%2F4.2.6.3&new=3061851%40learnpress%2Ftags%2F4.2.6.4

www.wordfence.com/threat-intel/vulnerabilities/id/0c410d91-08cc-496d-9c8e-c57f107399da?source=cve

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

6.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.2%

JSON

Related for NVD:CVE-2024-1289

cve1 cvelist1 wpvulndb1 wordfence1