LearnPress Vulnerable to SQL Injection in REST API Endpoint
CVE-2024-8529

7.5HIGH

Key Information:

Vendor: Wordpress
Status: Learnpress – WordPress Lms Plugin
Vendor: CVE Published:; 12 September 2024

Badges

👾 Exploit Exists🟡 Public PoC

Summary

The LearnPress – WordPress LMS Plugin is susceptible to SQL Injection due to insufficient input escaping of the 'c_fields' parameter within the /wp-json/lp/v1/courses/archive-course REST API endpoint. This vulnerability affects all versions up to and including 4.2.7. As a result, unauthenticated attackers may exploit this weakness to insert arbitrary SQL queries into existing database queries, potentially leading to unauthorized access and exposure of sensitive information stored in the database.

Affected Version(s)

LearnPress – WordPress LMS Plugin * <= 4.2.7

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2024-8529
Created by RandomRobbieBF

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...

https://plugins.trac.wordpress.org/changeset?old_path=/le...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

🟡
Public PoC available
Oct 13, 2024
👾
Exploit known to exist
Oct 13, 2024
Vulnerability published
Sep 12, 2024
Vulnerability Reserved
Sep 6, 2024

Credit

abrahack