WordPress Plugin Vulnerabilities

LearnPress – WordPress LMS Plugin < 4.2.6.8.2 - Unauthenticated Bypass to User Registration

Description

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthenticated bypass to user registration in versions up to, and including, 4.2.6.8.1. This is due to missing checks in the 'check_validate_fields' function in the checkout. This makes it possible for unauthenticated attackers to register as the default role on the site, even if registration is disabled.

Affects Plugins

Plugin icon
learnpress
Fixed in 4.2.6.8.2

References

CVE
CVE-2024-6099
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/7ee714c7-4c9b-4627-9ba9-f83aeca6a0a5

Classification

Type
INCORRECT AUTHORISATION
OWASP top 10
A5: Broken Access Control
CWE
CWE-863
CVSS
5.3 (medium)

Miscellaneous

Original Researcher
shaman0x01
Verified
No
WPVDB ID
623ae327-1b6f-400f-ba59-63b1786f7987

Timeline

Publicly Published
2024-07-01 (about 1 year ago)
Added
2024-07-02 (about 1 year ago)
Last Updated
2024-07-02 (about 1 year ago)

Other

Published
Title
Published
2024-02-05
Title
Prime Slider – Addons For Elementor < 3.11.11 - Incorrect Authorization via bdt_duplicate_as_draft
Published
2022-09-29
Title
Accordions < 2.1.0 - Authenticated Arbitrary Options Update
Published
2022-02-23
Title
WooCommerce < 6.2.1 - Subscriber+ Arbitrary Comment Deletion
Published
2026-01-12
Title
CP Image Store with Slideshow < 1.2.0 - Missing Authorization to Authenticated (Contributor+) Arbitrary Product Import
Published
2024-07-16
Title
BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin < 1.1.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update and Arbitrary File Upload