Plugin Name: LearnPress
- Software Type: Plugin
- Software Slug: learnpress
- Software Status: Active
- Software Author: thimpress
- Software Downloads: 3,770,912
- Active Installs: 90,000
- Last Updated: November 7, 2023
- Patched Versions: 22.214.171.124
- Affected Versions: < 126.96.36.199
- Name: LearnPress <= 188.8.131.52 - Reflected Cross-Site Scripting via add_internal_scripts_to_head
- Title: Reflected Cross-Site Scripting via add_internal_scripts_to_head
- Type: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
- CVSS Score: 6.1 (Medium)
- Publicly Published: November 7, 2023
- Description: The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the add_internal_scripts_to_head function in all versions up to and including 184.108.40.206 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
The LearnPress for WordPress has a vulnerability in versions up to and including 220.127.116.11 that allows for reflected cross-site scripting via the add_internal_scripts_to_head function. This vulnerability has been patched in version 18.104.22.168.
Advice for Users:
- Immediate Action: Update to LearnPress version 22.214.171.124 or later to resolve the vulnerability.
- Alternate Plugins: Consider alternatives like Sensei LMS or WP Courseware as a precaution.
- Stay Updated: Always keep your WordPress site and plugins updated to avoid future vulnerabilities.
The prompt patch released by LearnPress highlights the need to keep software updated to the latest versions. Users should update to version 126.96.36.199 as soon as possible to prevent potential compromise through this reflected XSS vulnerability affecting earlier releases.
Don't let your website become the next victim. Take a few minutes today to update LearnPress if you use it, or any other out-of-date plugins. If you need help auditing your site's security or lack the technical skills to update plugins, we're here to assist. Our team of WordPress experts can perform a full security review, provide remediation recommendations, and even handle the update process for you. With website hacking threats growing daily, there's no time to delay. Reach out now to proactively secure your site instead of waiting to react once it's too late. We're ready to help you lock things down.
Overview of Vulnerability
The LearnPress plugin for WordPress contains a reflected cross-site scripting (XSS) vulnerability in versions up to and including 188.8.131.52. This is due to insufficient sanitization of user-supplied input by the
add_internal_scripts_to_head function before outputting it back in page content.
Risks and Impacts
While this vulnerability requires some social engineering rather than allowing automated mass exploitation, it remains highly dangerous. A successful attack can give the attacker full control over a victim's user account and website. Impacts may include:
- Account takeover
- Installation of backdoors
- Data exfiltration
- Further exploitation of the website and connected systems
Remediating the Vulnerability
LearnPress developers have released version 184.108.40.206 to address this reflected XSS flaw. Users should update as soon as possible to protect their websites. If you need assistance updating or auditing your site's security, our team of WordPress experts is ready to help.
For site owners lacking the time or technical skills to promptly update plugins, using a managed WordPress hosting provider is worth considering. These services maintain your site's software for you, promptly applying security patches.
Past LearnPress Vulnerabilities
This newly disclosed reflected XSS vulnerability is far from the first security issue affecting LearnPress. According to available data, there have been 23 previous vulnerabilities patched in LearnPress since November 2018 covering a range of weaknesses from CSRF to arbitrary file deletion.
This long history of flaws underscores the importance of regularly updating LearnPress installations or considering alternative plugins. Relying on outdated plugin code is a recipe for disaster.
Security vulnerabilities like this one demonstrate the importance of having WordPress experts regularly monitor, maintain and update your site. At Your WP Guy, we offer ongoing management to handle updates, security monitoring, backups, uptime and support so you can stop worrying and get back to growing your business.
Let us fully audit your site to check for any signs of this vulnerability or other issues. We'll immediately update any out-of-date plugins and harden your site's security. Chat with us anytime during business hours, schedule a call or call 678-995-5169 to lock down your online presence.