Unauthenticated Attackers Can Bypass User Registration in LearnPress
CVE-2024-4444

6.5MEDIUM

Key Information:

Vendor: Wordpress
Status: Learnpress – WordPress Lms Plugin
Vendor: CVE Published:; 14 May 2024

Summary

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to bypass to user registration in versions up to, and including, 4.2.6.5. This is due to missing checks in the 'create_account' function in the checkout. This makes it possible for unauthenticated attackers to register as the default role on the site, even if registration is disabled.

Affected Version(s)

LearnPress – WordPress LMS Plugin * <= 4.2.6.5

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...

https://inky-knuckle-2c2.notion.site/Improper-Authenticat...

https://plugins.trac.wordpress.org/browser/learnpress/tag...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 14, 2024
Vulnerability Reserved
May 2, 2024

Credit

1337_Wannabe