CVE-2024-5483 Scanner
CVE-2024-5483 Scanner - Information Disclosure vulnerability in LearnPress
Short Info
Level: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 3 weeks 13 hours
Scan only one: URL
LearnPress is a popular WordPress LMS plugin used globally by educators, institutions, and e-learning platforms to manage online learning environments. This plugin allows users to create courses, manage learners, and track progress effectively and efficiently within WordPress. Many educational websites and school portals rely on LearnPress to deliver a seamless educational experience. It provides robust capabilities for managing course content, quizzes, and learner interactions, making it a preferred choice for creating dynamic educational content.
The Information Disclosure vulnerability in LearnPress allows unauthenticated attackers to access sensitive user data. This vulnerability results from an incorrect implementation of the get_items_permissions_check function in versions up to 4.2.6.8. When exploited, attackers can extract user details such as emails and usernames without authorization. This exposure can lead to significant privacy and security issues if left unaddressed.
The vulnerable endpoint is {{BaseURL}}/wp-json/learnpress/v1/users, which returns a JSON response containing user data. Because the permission check is implemented incorrectly, anyone can retrieve this sensitive information without authenticating. The disclosed data includes user emails and usernames, which are visible when the server returns status code 200 with content type "application/json". The scan uses a regular expression to extract these details from the JSON response payload.
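A defender-side companion to the check described above, added here as an example and not taken from the original page or the scanner: it reviews web server access logs for successful reads of the endpoint, so a site owner can see whether user data was already served and to whom. The combined log format, the sample lines and the name find_exposed_reads are assumptions of this example; only the endpoint path and the status code 200 come from the page.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, unquote

# Endpoint path as given on the page; the rest is assumed for this example.
ENDPOINT = "/wp-json/learnpress/v1/users"

# Combined Log Format: ip ident user [time] "METHOD target PROTO" status bytes ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+|-)'
)

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Jun/2024:08:01:12 +0000] "GET /wp-json/learnpress/v1/users HTTP/1.1" 200 18342 "-" "curl/8.5.0"
203.0.113.7 - - [10/Jun/2024:08:01:13 +0000] "GET /wp-json/learnpress/v1/users?_=1 HTTP/1.1" 200 17990 "-" "curl/8.5.0"
198.51.100.4 - - [10/Jun/2024:08:05:40 +0000] "GET /wp-json/learnpress/v1/users/ HTTP/1.1" 401 112 "-" "Mozilla/5.0"
192.0.2.55 - - [10/Jun/2024:08:09:02 +0000] "GET /wp-json/learnpress/v1/courses HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
not a log line
"""


def find_exposed_reads(log_text):
    """Return (hits, per_ip) for GET requests to the users endpoint answered with 200.

    An access log does not show WordPress authentication state, so every hit
    is a candidate to review, not proof of an unauthenticated read.
    """
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of aborting the review
        # Normalise the target: drop the query string, decode percent-escapes,
        # ignore a trailing slash and letter case.
        path = unquote(urlsplit(m["target"]).path).rstrip("/").lower()
        if m["method"] == "GET" and path == ENDPOINT and m["status"] == "200":
            size = 0 if m["size"] == "-" else int(m["size"])
            hits.append({"ip": m["ip"], "time": m["time"], "bytes": size})
    per_ip = Counter(h["ip"] for h in hits)
    return hits, per_ip


if __name__ == "__main__":
    hits, per_ip = find_exposed_reads(SAMPLE_LOG)
    for ip, count in per_ip.most_common():
        total = sum(h["bytes"] for h in hits if h["ip"] == ip)
        print(f"{ip}: {count} successful reads, {total} bytes returned")
```

Response sizes are kept because a large body on this endpoint suggests a full user listing was returned.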
When exploited, this vulnerability can lead to unauthorized access to critical user information, including email addresses, potentially opening avenues for phishing attacks, spam campaigns, and other privacy breaches. Users' personal data could be compromised, leading to trust issues and reputational damage to the websites using the vulnerable plugin. Information exposure could be leveraged for social engineering attacks targeting affected users.