CVE-2024-1289: CWE-285 Improper Authorization in thimpress LearnPress – WordPress LMS Plugin for Create and Sell Online Courses
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.2.6.3 due to missing validation on a user controlled key when looking up order information. This makes it possible for authenticated attackers to obtain information on orders placed by other users and guests, which can be leveraged to sign up for paid courses that were purchased by guests. Emails of other users are also exposed.
AI Analysis
Technical Summary
CVE-2024-1289 is an authorization vulnerability in the LearnPress WordPress LMS plugin up to version 4.2.6.3. The plugin fails to properly validate user-controlled keys when retrieving order information, leading to an Insecure Direct Object Reference (IDOR). This allows authenticated users to view order data and emails belonging to other users and guests. Exploitation can result in unauthorized access to paid course enrollments originally purchased by others. No known exploits are reported in the wild, and no official patch or vendor advisory is currently provided.
Potential Impact
An attacker with authentication can access sensitive order information and user emails belonging to other users and guests. This unauthorized access can be used to fraudulently enroll in paid courses without payment. The confidentiality and integrity of order data are compromised, but availability is not affected. The impact is limited to information disclosure and unauthorized course enrollment.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, restrict plugin access to trusted users only and monitor for suspicious activity related to order lookups. Avoid exposing the plugin to untrusted authenticated users. Follow vendor updates closely for an official patch or temporary workaround.
CVE-2024-1289: CWE-285 Improper Authorization in thimpress LearnPress – WordPress LMS Plugin for Create and Sell Online Courses
Description
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.2.6.3 due to missing validation on a user controlled key when looking up order information. This makes it possible for authenticated attackers to obtain information on orders placed by other users and guests, which can be leveraged to sign up for paid courses that were purchased by guests. Emails of other users are also exposed.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2024-1289 is an authorization vulnerability in the LearnPress WordPress LMS plugin up to version 4.2.6.3. The plugin fails to properly validate user-controlled keys when retrieving order information, leading to an Insecure Direct Object Reference (IDOR). This allows authenticated users to view order data and emails belonging to other users and guests. Exploitation can result in unauthorized access to paid course enrollments originally purchased by others. No known exploits are reported in the wild, and no official patch or vendor advisory is currently provided.
Potential Impact
An attacker with authentication can access sensitive order information and user emails belonging to other users and guests. This unauthorized access can be used to fraudulently enroll in paid courses without payment. The confidentiality and integrity of order data are compromised, but availability is not affected. The impact is limited to information disclosure and unauthorized course enrollment.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, restrict plugin access to trusted users only and monitor for suspicious activity related to order lookups. Avoid exposing the plugin to untrusted authenticated users. Follow vendor updates closely for an official patch or temporary workaround.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Wordfence
- Date Reserved
- 2024-02-06T19:38:24.178Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 699f6d27b7ef31ef0b56e71a
Added to database: 2/25/2026, 9:44:07 PM
Last enriched: 4/9/2026, 7:40:06 PM
Last updated: 4/12/2026, 12:16:25 PM
Views: 11
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.