LifterLMS < 3.37.15 - Arbitrary File Writing

Affects Plugin

fixed in version 3.37.15

References

CVE 2020-6008
URL https://plugins.trac.wordpress.org/changeset/2271040/lifterlms

Classification

Type RCE
OWASP Top 10 A1: Injection
CWE CWE-94

Miscellaneous

Original Researcher Omri Herscovici and Sagi Tzadik (Check Point Research)
Views 1446
Verified No
WPVDB ID 10159

Timeline

Publicly Published 2020-03-31 (about 2 months ago)
Added 2020-03-31 (about 2 months ago)
Last Updated 2020-04-01 (about 2 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin