CVE-2020-7916

Published: Mar 16, 2020Modified: Nov 21, 2024

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

be_teacher in class-lp-admin-ajax.php in the LearnPress plugin 3.2.6.5 and earlier for WordPress allows any registered user to assign itself the teacher role via the wp-admin/admin-ajax.php?action=learnpress_be_teacher URI without any additional permission checks. Therefore, any user can change its role to an instructor/teacher and gain access to otherwise restricted data.

Affected (1)

Products: Thimpress: Learnpress

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Thimpress Learnpress	Up to 3.2.6.5

Related CWEs

Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References (2)

https://wordpress.org/plugins/learnpress/#developers

Source: cve@mitre.org

Release NotesThird Party Advisory

https://wordpress.org/plugins/learnpress/#developers

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesThird Party Advisory

Timeline

No history available yet.