CVE-2022-3360 — Deserialization of Untrusted Data in Learnpress

CWE-502 — Deserialization of Untrusted Data3 documents3 sources

Severity

8.1HIGHNVD

EPSS

15.2%

top 5.39%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Thimpress Learnpress

Timeline

PublishedOct 31

Description

The LearnPress WordPress plugin before 4.1.7.2 unserialises user input in a REST API endpoint available to unauthenticated users, which could lead to PHP Object Injection when a suitable gadget is present, leadint to remote code execution (RCE). To successfully exploit this vulnerability attackers must have knowledge of the site secrets, allowing them to generate a valid hash via the wp_hash() function.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages1 packages

▶NVDthimpress/learnpress< 4.1.7.2

🔴Vulnerability Details

GHSA

GHSA-7h2h-qrhm-554p: The LearnPress WordPress plugin before 4↗2022-10-31

▶

CVEList

LearnPress < 4.1.7.2 - Unauthenticated PHP Object Injection via REST API↗2022-10-31

▶