Plateforme
wordpress
Composant
learnpress
Corrigé dans
4.2.6
CVE-2023-6567 is a critical SQL Injection vulnerability affecting the LearnPress plugin for WordPress. This vulnerability allows unauthenticated attackers to inject malicious SQL queries, potentially leading to data exfiltration. The issue impacts versions of LearnPress up to and including 4.2.5.7. A patch is available to address this vulnerability.
The SQL Injection vulnerability in LearnPress allows attackers to manipulate database queries through the ‘order_by’ parameter. Successful exploitation could enable attackers to extract sensitive information stored within the WordPress database, such as user credentials, course details, and payment information. Depending on the database structure and permissions, an attacker might even be able to modify or delete data. This vulnerability is particularly concerning given the prevalence of WordPress and the potential for widespread impact if exploited in a large number of LearnPress installations.
CVE-2023-6567 was publicly disclosed on January 11, 2024. While no active exploitation campaigns have been definitively confirmed, the CRITICAL severity and ease of exploitation make it a high-priority target. Public proof-of-concept exploits are likely to emerge, increasing the risk of widespread exploitation. This vulnerability is not currently listed on the CISA KEV catalog.
WordPress websites utilizing the LearnPress plugin, particularly those running versions prior to 4.2.5.7, are at significant risk. Shared hosting environments where multiple websites share the same database are especially vulnerable, as a compromise of one site could potentially impact others. Websites with sensitive user data or financial information stored within the LearnPress database are also at higher risk.
• wordpress / composer / npm:
grep -r "order_by" /var/www/html/wp-content/plugins/learnpress/• generic web:
curl -I 'https://your-wordpress-site.com/?orderby='; # Check for unusual response headersdisclosure
Statut de l'Exploit
EPSS
82.25% (percentile 99%)
Vecteur CVSS
The primary mitigation for CVE-2023-6567 is to immediately update LearnPress to a version that includes the fix. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider implementing a Web Application Firewall (WAF) rule to filter requests containing suspicious SQL syntax in the ‘order_by’ parameter. Carefully review and sanitize any user input used in SQL queries within the LearnPress plugin. After upgrading, confirm the vulnerability is resolved by attempting a SQL injection attack on the affected endpoint and verifying that the query is properly sanitized.
Actualice el plugin LearnPress a la última versión disponible. La versión 4.2.5.8 o superior corrige la vulnerabilidad de inyección SQL. Esto se puede hacer a través del panel de administración de WordPress, en la sección de plugins.
Analyses de vulnérabilités et alertes critiques directement dans votre boîte mail.
CVE-2023-6567 is a critical SQL Injection vulnerability in the LearnPress WordPress LMS plugin, allowing attackers to potentially extract sensitive data from the database.
You are affected if you are using LearnPress version 4.2.5.7 or earlier. Immediately check your plugin version and upgrade if necessary.
Upgrade LearnPress to the latest version, which includes the necessary fix. Consider a WAF as a temporary mitigation if upgrading is not immediately possible.
While no confirmed active exploitation campaigns are currently known, the vulnerability's severity and ease of exploitation suggest a high likelihood of future attacks.
Refer to the LearnPress official website and WordPress security announcements for the latest advisory and update information.
Téléverse ton fichier de dépendances et découvre instantanément si cette CVE et d'autres te touchent.
Téléverse ton fichier de dépendances et découvre instantanément si cette CVE et d'autres te touchent.