WordPress Plugin Vulnerabilities

WP Courses < 2.0.29 - Broken Access Controls leading to Courses Content Disclosure

Description

The plugin does not protect the courses which could be accessed by unauthenticated users using the REST API (/wp-jon/) endpoints. This could result in attackers accessing paying content without authorisation.

Affects Plugins

Plugin icon
wp-courses
Fixed in 2.0.29

References

CVE
CVE-2020-26876
Exploitdb
48910
URL
https://packetstormsecurity.com/files/#159301/
URL
https://www.redtimmy.com/critical-information-disclosure-on-wp-courses-plugin-exposes-private-course-videos-and-materials/

Classification

Type
ACCESS CONTROLS
OWASP top 10
A5: Broken Access Control
CWE
CWE-284
CVSS
7.5 (high)

Miscellaneous

Original Researcher
Red Timmy
Verified
No
WPVDB ID
9215b11f-26ae-4a66-9971-bc8347d510e3

Timeline

Publicly Published
2020-09-28 (about 5 years ago)
Added
2020-09-28 (about 5 years ago)
Last Updated
2020-11-03 (about 5 years ago)

Other

Published
Title
Published
2024-08-24
Title
PowerPack Pro for Elementor < 2.10.15 - Contributor+ Privilege Escalation
Published
2021-01-28
Title
uListing < 1.7 - Unauthenticated Arbitrary Account Creation
Published
2024-05-03
Title
SimpleShop < 2.10.1 - Cross-Site Request Forgery
Published
2022-06-27
Title
miniOrange's Google Authenticator < 5.5.75 - Reflected Cross-Site Scripting
Published
2021-04-20
Title
Redirection for Contact Form 7 < 2.3.4 - Authenticated Arbitrary Plugin Installation