LearnPress < 3.2.6.7 - Privilege Escalation



Description
"Any authenticated user can change its role to an instructor/teacher and gain access to otherwise restricted data."

Affects Plugin

fixed in version 3.2.6.7

References

CVE 2020-7916
CVE 2020-7917

Classification

Type PRIVESC
OWASP Top 10 A2: Broken Authentication and Session Management
CWE CWE-269

Miscellaneous

Views 1157
Verified No
WPVDB ID 10134

Timeline

Publicly Published 2020-03-16 (18 days ago)
Added 2020-03-16 (17 days ago)
Last Updated 2020-03-17 (17 days ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin