CVE-2020-7916

Name of the Vulnerable Software and Affected Versions LearnPress plugin versions 3.2.6.5 and earlier

Description The issue allows any registered user to assign itself the teacher role via the "wp-admin/admin-ajax.php?action=learnpress be teacher" API endpoint without any additional permission checks. This enables any user to change its role to an instructor/teacher and gain access to otherwise restricted data.

Recommendations For LearnPress plugin versions 3.2.6.5 and earlier, consider disabling the be teacher function in class-lp-admin-ajax.php until a patch is available to prevent unauthorized role changes. Restrict access to the wp-admin/admin-ajax.php?action=learnpress be teacher API endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.