PT-2024-14901 · WordPress · Learnpress

Lttn · Published 2024-01-11 · Updated 2024-01-16 · CVE-2023-6223

CVSS v3.1: 4.3 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions: LearnPress plugin for WordPress, versions up to, and including, 4.2.5.7

Description: The issue allows authenticated attackers with subscriber-level access and above to retrieve the details of another user's course progress, due to missing validation of the user-controlled userID key in the "/wp-json/lp/v1/profile/course-tab" API endpoint.

Recommendations: For versions up to, and including, 4.2.5.7, consider disabling access to the "/wp-json/lp/v1/profile/course-tab" API endpoint until a patch is available. Restrict the use of the userID key to minimize the risk of exploitation.
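The recommendation above, applied as a WordPress must-use plugin: an added example written for this advisory, not code from LearnPress or from the advisory's author. It assumes the userID key is readable through WP_REST_Request::get_param() and uses the core rest_request_before_callbacks filter to reject course-tab requests that name a user other than the caller (or to block the endpoint outright until the plugin is updated).

```php
<?php
/**
 * Plugin Name: Temporary guard for the LearnPress course-tab endpoint
 * Description: Added example, not LearnPress code. While LearnPress <= 4.2.5.7
 * is unpatched, refuse /wp-json/lp/v1/profile/course-tab requests whose userID
 * does not match the logged-in user. Drop into wp-content/mu-plugins/.
 */

// Set to true to follow the advisory's stronger advice and disable the
// endpoint entirely until a fixed version is installed.
const LP_COURSE_TAB_GUARD_BLOCK_ALL = false;

add_filter( 'rest_request_before_callbacks', function ( $response, $handler, $request ) {
    // Only act on the affected route; every other REST call passes through.
    if ( strpos( $request->get_route(), '/lp/v1/profile/course-tab' ) !== 0 ) {
        return $response;
    }

    if ( LP_COURSE_TAB_GUARD_BLOCK_ALL ) {
        return new WP_Error( 'lp_course_tab_disabled',
            'This endpoint is temporarily disabled.', array( 'status' => 403 ) );
    }

    // get_param() reads URL, query and body parameters, so the check holds
    // wherever the client places the key. The key name comes from the
    // advisory; its exact location in the request is an assumption.
    $requested = $request->get_param( 'userID' );
    if ( null === $requested || '' === $requested ) {
        return $response; // no user override requested, nothing to validate
    }

    $current = get_current_user_id(); // 0 for unauthenticated callers
    // Site administrators may legitimately review other users' progress.
    if ( (int) $requested !== $current && ! current_user_can( 'manage_options' ) ) {
        // Log the denied cross-user lookup so it is visible in the PHP error log.
        error_log( sprintf( 'course-tab guard: user %d requested userID %s',
            $current, (string) $requested ) );
        return new WP_Error( 'lp_course_tab_forbidden',
            'You may only view your own course progress.', array( 'status' => 403 ) );
    }

    return $response;
}, 10, 3 );
```

Returning a WP_Error from this filter short-circuits the request before LearnPress's own callbacks run, so no course data is read for the rejected userID.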

Fix

IDOR


Weakness Enumeration

Related Identifiers

CVE-2023-6223

Affected Products

Learnpress