Researchers disclosed critical-severity flaws in three popular WordPress plugins used widely by colleges and universities. It was discovered that the flaws could be used to steal personal information (including names, emails, usernames, passwords), modify payment schemes, change grades, forge certificates or access tests in advance. These plugins LearnPress, LearnDash
According to the #CheckPoint, the three #WordPress plugins in question — #LearnPress, #LearnDash, and #LifterLMS — have #security flaws that could permit #unauthenticated users, to pilfer #personalinformation and even attain teacher privileges. #PII https://t.co/gMlV4yY0dj
— Taslet Security (@TasletCom) May 1, 2020
Experts Comments
Linkedin Message
@Tim Mackey, Principal Security Strategist, Synopsys CyRC (Cybersecurity Research Center), provides expert commentary at @Information Security Buzz.
"The scope of these vulnerabilities demonstrate why procurement processes should include a security verification step...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-comments-on-bugs-in-wordpress-plugins-learnpress-learndash-and-lifterlms-for-online-courses-let-students-cheat
Facebook Message
@Tim Mackey, Principal Security Strategist, Synopsys CyRC (Cybersecurity Research Center), provides expert commentary at @Information Security Buzz.
"The scope of these vulnerabilities demonstrate why procurement processes should include a security verification step...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-comments-on-bugs-in-wordpress-plugins-learnpress-learndash-and-lifterlms-for-online-courses-let-students-cheat
Be part of our growing Information Security Expert Community (1000+), please register here.
Linkedin Message
@Ameet Naik, Security Evangelist , provides expert commentary at @Information Security Buzz.
"Staying up to date on versions helps but cannot guarantee the integrity of the third-party code...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-comments-on-bugs-in-wordpress-plugins-learnpress-learndash-and-lifterlms-for-online-courses-let-students-cheat
Facebook Message
@Ameet Naik, Security Evangelist , provides expert commentary at @Information Security Buzz.
"Staying up to date on versions helps but cannot guarantee the integrity of the third-party code...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-comments-on-bugs-in-wordpress-plugins-learnpress-learndash-and-lifterlms-for-online-courses-let-students-cheat