75,000 WordPress websites vulnerable to hacker attacks


    LearnPress is a learning management system (LMS) plugin that lets WordPress websites easily create online courses, lessons, quizzes, and tests. It gives website visitors a user-friendly interface and does not require programming knowledge from the site owner.

    Vulnerabilities in the plugin, which is used by over 100,000 active sites, were discovered by PatchStack between November 30 and December 2, 2022 and reported to the software vendor.

    The issues were fixed on December 20, 2022 with the release of LearnPress version 4.2.0. However, according to WordPress.org statistics, only 25% of users have updated the plugin to the latest version. This means that approximately 75,000 websites are still running a vulnerable version of LearnPress and remain exposed to attack.

    The first vulnerability discovered by PatchStack was CVE-2022-47615, an unauthenticated local file inclusion (LFI) vulnerability that allows attackers to read the contents of local files stored on the web server. This can expose credentials, authorization tokens, and API keys, leading to further compromise.

    The vulnerability was found in the code that handles the plugin's API requests, in the list_courses function, which does not properly validate the variables $template_pagination_path, $template_path and $template_path_item.

    The second critical vulnerability, CVE-2022-45808, is an unauthenticated SQL injection that can lead to the disclosure of sensitive information, data modification, and arbitrary code execution.

    The vulnerability lies in the plugin's SQL query handling, which does not correctly sanitize and validate the "$filter" variable taken from the query parameters, allowing an attacker to inject malicious SQL into it.

    The third vulnerability affecting older versions of LearnPress is CVE-2022-45820, an authenticated SQL injection in two plugin shortcodes ("learn_press_recent_courses" and "learn_press_featured_courses") that fail to properly validate and sanitize the "$args" variable input.

    PatchStack representatives have already provided a PoC exploit demonstrating how a user with the "Contributor" role can trigger the SQL injection using a specially crafted shortcode in a draft post. Only users able to edit or create a blog post can exploit the vulnerability, which limits the risk of exploitation.

    In the latest update, the LearnPress developers whitelisted and sanitized the vulnerable variables, removing the ability to select templates through user input. Website owners using LearnPress are advised either to upgrade to version 4.2.0 or to temporarily disable the plugin until they can apply the available security update.
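    The whitelisting fix described above, shown as an added PHP illustration that is not LearnPress code: a request-supplied template name is first passed straight to include (the LFI pattern), then resolved only through an allowlist and a realpath check. The directory, the allowlist entries and the function names are hypothetical.

```php
<?php
// Added illustration of template-path allowlisting; not taken from LearnPress.
// TEMPLATE_DIR, ALLOWED_TEMPLATES and the function names are hypothetical.

const TEMPLATE_DIR = __DIR__ . '/templates';

// Only keys listed here may be rendered; the request never supplies a path.
const ALLOWED_TEMPLATES = [
    'loop/course/item'       => 'loop-course-item.php',
    'loop/course/pagination' => 'loop-course-pagination.php',
];

// Vulnerable pattern: the request parameter flows unchanged into include(),
// so any path the web server can read is included and its contents shown.
function render_template_unsafe(array $request): void
{
    $template_path = $request['template_path'] ?? 'loop-course-item.php';
    include TEMPLATE_DIR . '/' . $template_path;
}

// Hardened pattern: map the request value through the allowlist, then confirm
// the resolved file still lives under TEMPLATE_DIR after symlink resolution.
function resolve_template(string $name): ?string
{
    if (!array_key_exists($name, ALLOWED_TEMPLATES)) {
        return null;                     // unknown key: refuse, never guess
    }
    $base = realpath(TEMPLATE_DIR);
    if ($base === false) {
        return null;                     // template directory is missing
    }
    $file = realpath($base . '/' . ALLOWED_TEMPLATES[$name]);
    if ($file === false) {
        return null;                     // template file is missing
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($file, $prefix, strlen($prefix)) !== 0) {
        return null;                     // resolved outside the template directory
    }
    return $file;
}

function render_template_safe(array $request): void
{
    $name = (string) ($request['template_path'] ?? 'loop/course/item');
    $file = resolve_template($name);
    if ($file === null) {
        http_response_code(400);         // reject rather than fall back to a guess
        return;
    }
    include $file;
}
```

    The same shape applies to the two SQL injection issues: the "$filter" and "$args" values should be mapped to a fixed set of expected keys and bound as query parameters, not concatenated into SQL.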

    Author DeepWeb
