CVE-2020-6008

Name of the Vulnerable Software and Affected Versions LifterLMS Wordpress plugin versions prior to 3.37.15

Description The issue allows for arbitrary file write, which can lead to remote code execution. It is related to multiple critical vulnerabilities, including SQL injection and file write vulnerabilities, found in leading WordPress Learning Management Systems plugins.

Recommendations For versions prior to 3.37.15, update to version 3.37.15 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive files and directories to minimize the risk of exploitation.