CVE-2015-10139

The WPLMS theme for WordPress is vulnerable to Privilege Escalation in versions 1.5.2 to 1.8.4.1 via the wp_ajax_import_data AJAX action. This makes it possible for authenticated attackers to change otherwise restricted settings and potentially create a new accessible admin account.

Weakness

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Affected Software

Name	Vendor	Start Version	End Version
Wordpress_learning_management_system_	Vibethemes	1.5.2 (including)	1.8.9 (excluding)

Potential Mitigations

https://cwe.mitre.org/data/definitions/122.html
https://cwe.mitre.org/data/definitions/233.html
https://cwe.mitre.org/data/definitions/58.html

References

https://packetstormsecurity.com/files/130291/
https://themeforest.net/item/wplms-learning-management-system/6780226
https://twitter.com/_wpscan_/status/564874637679820800?lang=ca
https://wpscan.com/vulnerability/7785
https://www.rapid7.com/db/modules/auxiliary/admin/http/wp_wplms_privilege_escalation/
https://www.wordfence.com/threat-intel/vulnerabilities/id/6e0e8f5f-8216-4276-a810-860f9b52c447?source=cve

NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-10139
CWE	https://cwe.mitre.org/data/definitions/269.html

Improper Privilege Management

Weakness

Affected Software

Potential Mitigations

Related Attack Patterns

References