Thursday, April 23, 2026


Critical Vulnerability Affects Tutor LMS Pro WordPress Plugin

Critical Vulnerability in Tutor LMS Pro WordPress Plugin

The Tutor LMS Pro WordPress plugin, a popular tool for creating and managing online courses, has a critical SQL injection vulnerability. Rated 8.8 out of 10, it allows an attacker with authenticated access to the system to extract sensitive information from the WordPress database. It affects all versions of the plugin up to and including 3.7.0.

What is the Vulnerability?

The vulnerability is caused by the improper handling of user-supplied data. This allows attackers to inject SQL code into a database query. According to the Wordfence advisory, the vulnerability exists in the get_submitted_assignments() function due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query.

How Does the Attack Work?

The type of attack that can be carried out using this vulnerability is called a time-based SQL injection attack. In this type of attack, the attacker determines whether a query is valid by measuring how long the database takes to respond. The attacker can use the vulnerable order parameter to insert SQL code that delays the database’s response. By timing these delays, the attacker can deduce information stored in the database.
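The root cause described above, a sort parameter concatenated into an ORDER BY clause, is closed by mapping the value onto a fixed allow-list before it reaches the query. The following is an added example, not code from Tutor LMS or the Wordfence advisory; the table, column and function names are hypothetical, and the only WordPress API assumed is $wpdb->prepare().

```php
<?php
// Added illustration; not Tutor LMS code. Table and column names are hypothetical.

/**
 * Map a user-supplied sort direction onto a fixed allow-list.
 * Escaping and placeholders do not help here: ORDER BY keywords are SQL
 * syntax, not values, so they cannot be bound or quoted.
 */
function safe_order_direction($raw): string
{
    $candidate = is_string($raw) ? strtoupper(trim($raw)) : '';
    return in_array($candidate, ['ASC', 'DESC'], true) ? $candidate : 'DESC';
}

/**
 * Build the query template plus the values to bind.
 * In WordPress the result would be passed to $wpdb->prepare($sql, ...$args).
 */
function build_assignments_query(array $request): array
{
    // Vulnerable pattern (for contrast): request text becomes SQL syntax.
    //   $sql = "... ORDER BY submitted_at " . $request['order'];

    $order = safe_order_direction($request['order'] ?? null);
    $sql = "SELECT id, student_id, submitted_at
              FROM hypothetical_assignments
             WHERE course_id = %d
             ORDER BY submitted_at {$order}
             LIMIT %d";
    $args = [(int) ($request['course_id'] ?? 0), 20];
    return [$sql, $args];
}

// Constructed inputs: a normal value, odd casing, an array, and a non-keyword string.
if (PHP_SAPI === 'cli') {
    $samples = ['asc', ' Desc ', ['x'], 'asc, something else'];
    foreach ($samples as $order) {
        [$sql] = build_assignments_query(['course_id' => '7', 'order' => $order]);
        preg_match('/ORDER BY submitted_at (\w+)/', $sql, $m);
        printf("%-24s => %s\n", json_encode($order), $m[1]);
    }
}
```

Anything other than the two keywords, including arrays and strings with trailing text, falls back to the default direction, so no request text ever becomes part of the SQL statement.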

Why is This Vulnerability Dangerous?

Although exploiting this vulnerability requires the attacker to have authenticated access to the system, a successful exploitation could be used to access sensitive information. This makes it a serious issue that needs to be addressed. The good news is that updating to the latest version of the plugin, 3.7.1 or higher, can fix the problem.

Conclusion

The vulnerability in the Tutor LMS Pro WordPress plugin is a serious issue that can be exploited by attackers to access sensitive information. However, by updating to the latest version of the plugin, users can protect themselves from this vulnerability. It’s essential for anyone using this plugin to take immediate action and update to a secure version to prevent potential attacks.
