Advisory No: TZCERT/SA/2024/05/10-2
Date of First Release: 10th May 2024
Source: Wordfence
Software Affected: Hotel Booking Lite, LearnPress
Overview:
Two plugins for the WordPress CMS are affected by two (2) critical vulnerabilities. Attackers can leverage these vulnerabilities to execute code and to gain access to sensitive information.
Description:
Two plugins, namely Hotel Booking Lite and LearnPress, are affected by critical vulnerabilities, both rated 9.8 and tracked as CVE-2024-4413 and CVE-2024-4434 respectively. The flaws exist as a result of PHP Object Injection in the Hotel Booking Lite plugin, and of insufficient escaping of a user-supplied parameter together with a lack of sufficient preparation of the existing SQL query in LearnPress. Attackers can exploit these vulnerabilities to execute code and to gain access to sensitive information, respectively.
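The two defect classes named above, PHP Object Injection and an unprepared SQL query, are illustrated below as a generic WordPress plugin snippet. This is an added example for this advisory, not code from either affected plugin or from Wordfence; the function names and the `booking_state` / `course_title` parameters are hypothetical, and it assumes the standard WordPress `$wpdb` object and `sanitize_text_field()` helper are available. Each vulnerable pattern is shown beside its hardened form so that administrators and developers can recognise the pattern when reviewing plugin code.

```php
<?php
// Added illustration (not the affected plugins' code). Hypothetical handler
// names; assumes WordPress's global $wpdb and sanitize_text_field() exist.

// ---- 1. SQL query built from a user-supplied parameter -------------------

function lookup_course_unsafe( $wpdb, $title ) {
    // VULNERABLE PATTERN: the request value is concatenated into the SQL text
    // with no escaping and no prepare(); the database cannot tell data from
    // query syntax, which is exactly the condition that enables injection.
    $sql = "SELECT ID FROM {$wpdb->prefix}posts WHERE post_title = '" . $title . "'";
    return $wpdb->get_col( $sql );
}

function lookup_course_safe( $wpdb, $title ) {
    // HARDENED: $wpdb->prepare() binds the value through a %s placeholder, so
    // it is always treated as a string literal regardless of its content.
    // sanitize_text_field() additionally strips tags and control characters.
    $sql = $wpdb->prepare(
        "SELECT ID FROM {$wpdb->prefix}posts WHERE post_title = %s",
        sanitize_text_field( $title )
    );
    return $wpdb->get_col( $sql );
}

// ---- 2. PHP Object Injection via unserialize() on untrusted input --------

function restore_booking_state_unsafe( $raw ) {
    // VULNERABLE PATTERN: unserialize() instantiates whatever class the input
    // names; any class in the site with a __wakeup() or __destruct() method
    // then runs with attacker-controlled properties.
    return unserialize( $raw );
}

function restore_booking_state_safe( $raw ) {
    // HARDENED: forbid object instantiation entirely. With
    // allowed_classes => false, object payloads come back as
    // __PHP_Incomplete_Class and no magic methods are invoked.
    $data = unserialize( $raw, array( 'allowed_classes' => false ) );
    // Accept only the plain array shape the feature actually needs.
    if ( ! is_array( $data ) ) {
        return array();
    }
    return array(
        'room_id' => isset( $data['room_id'] ) ? absint( $data['room_id'] ) : 0,
        'nights'  => isset( $data['nights'] )  ? absint( $data['nights'] )  : 0,
    );
}

// Preferred for new code: carry state as JSON, which can never yield objects
// with behaviour. json_decode() with assoc=true returns only arrays/scalars.
function restore_booking_state_json( $raw ) {
    $data = json_decode( $raw, true );
    return is_array( $data ) ? $data : array();
}
```

When reviewing a plugin, the two things to look for are any `$wpdb->query()` / `get_results()` / `get_col()` call whose SQL string contains a variable but is not wrapped in `$wpdb->prepare()`, and any `unserialize()` whose argument originates from a request, cookie, or database field that a request can write. Both patterns should be treated as findings regardless of whether an exploit is known.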
Impact:
Successful exploitation of these vulnerabilities may allow an attacker to take control of the affected system and gain access to sensitive information.
Solution:
WordPress has released security patches for these vulnerabilities. Users and administrators are encouraged to apply the necessary updates.
References:
- https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/motopress-hotel-booking-lite/hotel-booking-lite-4111-unauthenticated-php-object-injection
- https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/learnpress/learnpress-wordpress-lms-plugin-4265-unauthenticated-time-based-sql-injection