Reflected XSS Vulnerability found in LearnDash LMS Plugin [3.0.0 – 3.1.1] – Update Immediately
While performing a security audit on one of our client’s website, I discovered a reflected cross-site scripting vulnerability in the WordPress LMS plugin by LearnDash. All WordPress websites using LearnDash version from 3.0.0 through 3.1.1 are affected.
CVE ID: CVE-2020-7108
CWE ID: CWE-79
LearnDash is one of the most popular and easiest to use WordPress LMS plugins in the market. It allows users to easily create courses and sell them online and boasts a large customer base. The XSS vulnerability in LearnDash can be exploited by attackers against authenticated users to perform malicious actions such as stealing the victim’s session cookies or login credentials, performing arbitrary actions on the victim’s behalf, logging their keystrokes and more.
Vulnerability reported to the LearnDash team – January 14, 2020
LearnDash version 3.1.2 containing the fix to the vulnerability was released on the same day.
It is highly recommended to update the plugin to the latest version. If you are using the Astra Security Suite, you are protected against this vulnerability.
For best security practices, you can follow the below guides: