CVE-2026-1787
Received - Intake
Unauthorized Data Deletion in LearnPress Export Import Plugin

Publication date: 2026-02-21

Last updated on: 2026-02-21

Assigner: Wordfence

Description
The LearnPress Export Import – WordPress extension for LearnPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'delete_migrated_data' function in all versions up to, and including, 4.1.0. This makes it possible for unauthenticated attackers to delete courses that have been migrated from Tutor LMS. The Tutor LMS plugin must be installed and activated in order to exploit the vulnerability.
Meta Information
Published: 2026-02-21
Last Modified: 2026-02-21
Generated: 2026-06-16
AI Q&A: 2026-02-21
EPSS Evaluated: 2026-06-14
Affected Vendors & Products
Vendor: thimpress
Product: learnpress_import_export
Version / Range: 4.1.0
CWE
CWE-862: The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
Executive Summary

The vulnerability exists in the LearnPress Export Import WordPress extension for the LearnPress plugin. It is caused by a missing capability check on the 'delete_migrated_data' function in all versions up to and including 4.1.0. This flaw allows unauthenticated attackers to delete courses that have been migrated from the Tutor LMS plugin, provided that Tutor LMS is installed and activated.

Impact Analysis

This vulnerability can lead to unauthorized deletion of migrated course data from Tutor LMS within the LearnPress plugin. An attacker without authentication can exploit this to delete important educational content, causing data loss and disruption of course availability.

Compliance Impact

I don't know

Detection Guidance

This vulnerability involves unauthorized deletion of migrated course data via the 'delete_migrated_data' REST API endpoint in the LearnPress Export Import plugin for WordPress. Detection can focus on monitoring REST API calls to the endpoint '/delete-migrated-data/tutor'.

You can detect potential exploitation attempts by checking your web server logs or WordPress access logs for DELETE requests to the '/wp-json/lp-import-export/v1/delete-migrated-data/tutor' endpoint (the exact REST route prefix may vary depending on plugin configuration).

- Use command-line tools like grep to search for suspicious DELETE requests in your access logs, for example: `grep 'DELETE /wp-json/lp-import-export/v1/delete-migrated-data/tutor' /var/log/apache2/access.log`
- Monitor WordPress REST API logs or enable logging plugins that capture REST API calls to identify unauthorized access attempts.
- Check for unexpected deletion of courses migrated from Tutor LMS by reviewing the WordPress admin interface or querying the database for missing migrated course entries. [2]
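The log search described above, written as a small parser (an added example, not code from the plugin or from this advisory). It assumes Apache/Nginx "combined" access logs, matches the route by its suffix so a different namespace prefix is still caught, and also reads the route from WordPress's `rest_route` query parameter used on sites without pretty permalinks; the sample lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Route suffix taken from the advisory; the prefix in front of it may differ.
ROUTE_SUFFIX = "/delete-migrated-data/tutor"

# Assumed log layout: Apache/Nginx "combined" format.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def rest_route(target):
    """Return the REST route a request target addresses, or None."""
    parts = urlsplit(target)
    path = unquote(parts.path)
    if "/wp-json/" in path:
        return path.split("/wp-json", 1)[1]
    # Without pretty permalinks the route arrives as ?rest_route=/...
    routes = parse_qs(parts.query).get("rest_route")
    return routes[0] if routes else None

def find_hits(lines):
    """Yield one record per logged request that addresses the affected route."""
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        route = rest_route(m["target"])
        if not route or not route.rstrip("/").lower().endswith(ROUTE_SUFFIX):
            continue
        status = int(m["status"])
        if m["method"] != "DELETE":
            verdict = "other-method"      # worth a look, not a deletion
        elif 200 <= status < 300:
            verdict = "delete-2xx"        # server accepted the request
        else:
            verdict = "delete-non-2xx"    # attempt that was refused or failed
        yield {"ip": m["ip"], "time": m["ts"], "method": m["method"],
               "status": status, "verdict": verdict}

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE = [
    '203.0.113.7 - - [21/Feb/2026:10:02:11 +0000] "DELETE /wp-json/lp-import-export/v1/delete-migrated-data/tutor HTTP/1.1" 200 57 "-" "-"',
    '198.51.100.23 - - [21/Feb/2026:10:05:40 +0000] "DELETE /index.php?rest_route=%2Flp-import-export%2Fv1%2Fdelete-migrated-data%2Ftutor HTTP/1.1" 401 112 "-" "-"',
    '192.0.2.10 - - [21/Feb/2026:10:06:02 +0000] "GET /wp-json/wp/v2/posts HTTP/1.1" 200 4312 "-" "-"',
    '192.0.2.10 - - [21/Feb/2026:10:06:09 +0000] "GET /wp-json/lp-import-export/v1/delete-migrated-data/tutor HTTP/1.1" 404 98 "-" "-"',
]

if __name__ == "__main__":
    for hit in find_hits(SAMPLE):
        print(hit)
```

A `delete-2xx` record should be cross-checked against the migrated course entries in the database, since the access log shows only that the request was accepted.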

Mitigation Strategies

To mitigate this vulnerability, immediate steps include restricting access to the vulnerable REST API endpoint and updating the plugin.

- Update the LearnPress Export Import plugin to a version later than 4.1.0 where the missing capability check on the 'delete_migrated_data' function is fixed.
- If an update is not immediately available, restrict access to the REST API endpoint '/delete-migrated-data/tutor' by implementing firewall rules or web server access controls to block unauthenticated DELETE requests.
- Disable or deactivate the LearnPress Export Import plugin if the migration functionality is not required.
- Ensure that the Tutor LMS plugin is only installed and activated if necessary, as the vulnerability requires Tutor LMS to be active to be exploitable. [2]
