A sequence of essential vulnerabilities affecting the extensively used WPLMS and VibeBP plugins for WordPress have been recognized by safety researchers.
These plugins are important elements of the WPLMS premium LMS theme, which counts over 28,000 gross sales. They’re primarily used for creating on-line programs, managing college students and promoting instructional content material.
The vulnerabilities, now patched, posed important dangers, together with unauthorized file uploads, privilege escalation and SQL injection assaults.
Crucial Vulnerabilities Recognized
Among the many most extreme flaws found by PatchStack had been arbitrary file uploads, together with CVE-2024-56046, permitting attackers to add malicious information, doubtlessly resulting in distant code execution (RCE).
Privilege escalation vulnerabilities together with CVE-2024-56043 enabled unauthenticated and low-privileged customers to raise their roles to administrator, risking full web site takeovers. SQL injection vulnerabilities had been additionally uncovered, akin to CVE-2024-56042, exposing delicate database info by way of malicious queries.
The vulnerabilities had been present in varied functionalities, together with registration types and REST API endpoints.
Researchers reported 18 vulnerabilities in whole, with a number of deemed essential.
Learn extra on WordPress safety: Safety Flaws in WordPress Woffice Theme Prompts Pressing Replace
Updates Launched for WPLMS and VibeBP
To deal with these points, the builders have issued updates for WPLMS (model 1.9.9.5.3) and VibeBP (model 1.9.9.7.7).
The builders addressed these vulnerabilities by introducing stricter controls and safety checks.
For arbitrary file add flaws, they restricted uploadable file sorts, added permission checks and, in some circumstances, eliminated weak code. Privilege escalation points had been mitigated by implementing position restrictions throughout registration and implementing whitelists for permissible choices. To counter SQL injection dangers, they utilized correct enter escape and secured affected variables and code.
Customers are urged to use these patches instantly to guard their websites.
To forestall related vulnerabilities, builders are inspired to implement the next safety measures:
-
Prohibit file uploads by checking file names and kinds
-
Use position allowlists for registration processes and default roles
-
Escape all consumer inputs in SQL queries and favor ready statements