
Bugs in WordPress plugins for online courses let students cheat

Posted on 4 January 2021
Web Design West Midlands - Freecom

Popular WordPress plugins for creating learning management systems (LMS) are rife with vulnerabilities that can be exploited to take control of the platform, get test answers, and modify grades.

These days, such platforms have become the main instrument for delivering courses. Teachers, professors, and possibly hundreds of thousands of students rely on them to keep education at levels as close to normal as possible.

Significant impact

LearnPress, LearnDash, and LifterLMS are together part of at least 100,000 websites. Some of them are managed by accredited educational institutions like schools, academies, and universities (Florida, Washington, Michigan); others are used by companies to deliver training sessions (paid or free).

Security researchers at Check Point analyzing the three WordPress plugins found bugs that are more or less trivial to exploit. They provide technical details in a report released today.

In total, they discovered four flaws that could be used to steal personal information (names, emails, usernames, passwords), modify payment schemes, change grades, forge certificates, get their hands on tests in advance, or become teachers.

Some of the vulnerabilities could be exploited without authentication and achieve remote code execution, meaning that an external attacker could take over the LMS platform.

The flaws

Versions of LearnPress 3.2.6.7 and earlier are vulnerable to a time-based blind SQL injection (CVE-2020-6010) that is trivial to leverage and could be avoided by properly sanitizing user input through prepared SQL statements.

Exploiting this problem allows authenticated users to query the system for administrator usernames and hashed passwords. Cracking the passwords depends on how strong they are.

Another glitch on the same platform, tracked as CVE-2020-6011, allows an attacker to assume the role of a teacher by escalating privileges on the system. This is possible by taking advantage of legacy code still present in the product.

In LearnDash versions lower than 3.1.6, the researchers found an unauthenticated second-order SQL injection (CVE-2020-6009) that is more difficult to exploit but could also have been prevented through prepared statements.
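Both of the SQL injection findings above (the LearnPress time-based blind one and the LearnDash second-order one) come down to the same missing control: query parameters bound through prepared statements. The following is an added illustration written for this post, not code from LearnPress, LearnDash or Check Point. It assumes a hypothetical plugin table `{$wpdb->prefix}lms_results` with `user_id`, `course_id` and `grade` columns and a hypothetical `lms_display_name` user-meta key; `$wpdb->prepare()`, `get_var()` and `get_user_meta()` are real WordPress APIs.

```php
<?php
// Added example (not plugin code). Three versions of a grade lookup in a WordPress plugin.
// Table {$wpdb->prefix}lms_results and meta key lms_display_name are assumptions.

// VULNERABLE: caller-controlled values are interpolated straight into the SQL text.
// A crafted $course_id can append its own conditions; if those conditions make the
// database delay its reply, the response time becomes an oracle, which is the shape
// of a time-based blind injection. Nothing here stops that.
function lms_get_grade_unsafe( $user_id, $course_id ) {
    global $wpdb;
    $sql = "SELECT grade FROM {$wpdb->prefix}lms_results
            WHERE user_id = $user_id AND course_id = $course_id";
    return $wpdb->get_var( $sql );
}

// HARDENED: the values are bound through $wpdb->prepare(). %d coerces each one to an
// integer before it reaches the query, so no SQL syntax can be smuggled in.
function lms_get_grade_safe( $user_id, $course_id ) {
    global $wpdb;
    $sql = $wpdb->prepare(
        "SELECT grade FROM {$wpdb->prefix}lms_results WHERE user_id = %d AND course_id = %d",
        $user_id,
        $course_id
    );
    return $wpdb->get_var( $sql );
}

// SECOND-ORDER CASE: the value was stored earlier (perhaps escaped for display at that
// time) and is read back out of the database before being used in a new query. Treating
// "it came from our own table" as "it is safe to concatenate" is exactly the mistake;
// data that has been stored is still data, and is bound here with %s like any other.
function lms_count_results_for_display_name_safe( $user_id ) {
    global $wpdb;
    $name = get_user_meta( $user_id, 'lms_display_name', true ); // read back from the DB
    return (int) $wpdb->get_var( $wpdb->prepare(
        "SELECT COUNT(*)
           FROM {$wpdb->prefix}lms_results r
           JOIN {$wpdb->users} u ON u.ID = r.user_id
          WHERE u.display_name = %s",
        $name
    ) );
}
```

When reviewing a plugin, the quick check is to grep for `$wpdb->query`, `get_var`, `get_results` and `get_row` calls whose first argument is a double-quoted string containing a `$` variable that is not itself the result of `$wpdb->prepare()`; every such call is a candidate for either of the two bug classes described above, regardless of where the variable originally came from.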

Looking at LifterLMS, Check Point researchers Omri Herscovici and Sagi Tzadik found that versions lower than 3.37.15 suffer from an arbitrary file write (CVE-2020-6008).

An attacker could exploit this flaw by simply adding malicious PHP code to their first name. This could let them achieve code execution on the server via a planted webshell.
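The LifterLMS finding turns on two weak points: a profile field that accepts content a name should never contain, and a code path that lets user-derived data decide what ends up on disk. The snippet below is an added example written for this post, not LifterLMS code, and it hardens both points. The `user_profile_update_errors` action, `wp_upload_dir()`, `wp_mkdir_p()` and `wp_json_encode()` are real WordPress APIs; the `lms-certificates` directory and the idea of a per-course certificate record are assumptions made for the illustration.

```php
<?php
// Added example (not LifterLMS code). Hardens profile-name input and the way
// user-derived text reaches the filesystem. Directory name is an assumption.

// 1) Accept only what a person's name plausibly contains: letters and combining marks
//    in any script, spaces, apostrophes, hyphens and dots, with a bounded length.
//    Anything else, including "<?php", is rejected before it can be stored at all.
function lms_is_valid_person_name( $name ) {
    $name = trim( (string) $name );
    if ( $name === '' || mb_strlen( $name ) > 64 ) {
        return false;
    }
    return (bool) preg_match( "/^[\p{L}\p{M}' .-]+\$/u", $name );
}

// Validate on profile save. Adding to $errors makes WordPress show the message and
// skip the update, so the bad value never lands in usermeta.
add_action( 'user_profile_update_errors', function ( $errors, $update, $user ) {
    if ( isset( $_POST['first_name'] )
         && ! lms_is_valid_person_name( wp_unslash( $_POST['first_name'] ) ) ) {
        $errors->add(
            'lms_bad_first_name',
            __( 'First name contains characters that are not allowed.' )
        );
    }
}, 10, 3 );

// 2) When user-derived text must be written to a file, the user controls neither the
//    path nor the file type:
//    - directory is fixed under the uploads area, never taken from input
//    - basename is built from integer ids, never from the name
//    - extension is fixed to a non-executable data type
//    - content is JSON-encoded, so a "<?php" that somehow got this far is inert text
function lms_write_certificate_record( $user_id, $course_id, $display_name ) {
    if ( ! lms_is_valid_person_name( $display_name ) ) {
        return false;
    }
    $dir = trailingslashit( wp_upload_dir()['basedir'] ) . 'lms-certificates';
    if ( ! wp_mkdir_p( $dir ) ) {
        return false;
    }
    $path   = sprintf( '%s/cert-%d-%d.json', $dir, (int) $user_id, (int) $course_id );
    $record = wp_json_encode( array(
        'user_id'   => (int) $user_id,
        'course_id' => (int) $course_id,
        'name'      => $display_name,
        'issued'    => gmdate( 'c' ),
    ) );
    return file_put_contents( $path, $record, LOCK_EX ) !== false;
}
```

The validation and the write constraints are independent layers on purpose: the first stops the payload at the door, the second makes sure that even a value which bypassed the first (an older record, a different entry point) can only ever become a `.json` file with a name the attacker did not choose. On hosts where the uploads directory is allowed to execute PHP, the second layer also needs the web server configured to deny handlers in that directory, which is a deployment setting rather than plugin code.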

In the video below, you can see how the researchers were able to exploit the vulnerabilities they found in the three LMS plugins for WordPress:

Check Point has informed the developers of the three plugins of the discovered vulnerabilities and new versions have been released to fix the issues. Administrators of websites running these plugins are strongly advised to install the updates.

 

© 2021 Freecom Internet Services Limited
