$1,313 Bounty Awarded for Privilege Escalation Vulnerability Patched in Academy LMS WordPress Plugin
🎉 Did you know we’re running a Bug Bounty Extravaganza again?
Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through February 29th, 2024 when you opt to have Wordfence handle responsible disclosure!
On February 14th, 2024, during our second Bug Bounty Extravaganza, we received a submission for a Privilege Escalation vulnerability in Academy LMS, a WordPress plugin with more than 1,000 active installations. This vulnerability makes it possible for an authenticated attacker to grant themselves administrative privileges by updating user metadata.
Props to Lucio Sá who discovered and responsibly reported this vulnerability through the Wordfence Bug Bounty Program. This researcher earned a bounty of $1,313.00 for this discovery during our Bug Bounty Program Extravaganza.
All Wordfence Premium, Wordfence Care, and Wordfence Response customers, as well as those using the free version of our plugin, are protected against any exploits targeting this vulnerability by the Wordfence firewall’s built-in Privilege Escalation via User Meta Updates protection.
We contacted the Academy LMS Team on February 14, 2024, and received a response on February 15, 2024. After providing full disclosure details, the developer released a patch on February 19, 2024. We would like to commend the Academy LMS Team for their prompt response and timely patch.
We urge users to update their sites with the latest patched version of Academy LMS, which is version 1.9.20, as soon as possible.
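The bug class described above is a user-controlled write to user metadata, which in WordPress includes the `{prefix}capabilities` row that stores a user's roles. The handler below is an added example of a hardened update path, not Academy LMS's code or its patch; the function names, AJAX action, nonce action and allowlisted keys are hypothetical.

```php
<?php
// Added example (not plugin code): hypothetical self-service profile handler.
// Only keys on this allowlist are ever written; 'example_phone' is a made-up field.
const EXAMPLE_ALLOWED_META = array( 'first_name', 'last_name', 'description', 'example_phone' );

/**
 * True when $key names a role/capability row in the usermeta table.
 * WordPress stores these as "{prefix}capabilities" and "{prefix}user_level",
 * so match on the suffix to cover custom and multisite table prefixes.
 */
function example_is_privileged_meta_key( string $key ): bool {
	return (bool) preg_match( '/(capabilities|user_level)$/', $key );
}

function example_save_profile_meta(): void {
	// CSRF check; dies with a 403 response if the nonce is missing or invalid.
	check_ajax_referer( 'example_save_profile', 'nonce' );

	// The target is always the caller; never read a user ID from the request.
	$user_id   = get_current_user_id();
	$submitted = ( isset( $_POST['meta'] ) && is_array( $_POST['meta'] ) )
		? wp_unslash( $_POST['meta'] )
		: array();

	foreach ( $submitted as $raw_key => $value ) {
		// Normalise first: lowercases and strips everything except a-z, 0-9, _ and -,
		// so mixed-case variants of a protected key cannot slip past the checks.
		$key = sanitize_key( (string) $raw_key );

		// Defence in depth: refuse and log any attempt to touch role data.
		if ( example_is_privileged_meta_key( $key ) ) {
			error_log( sprintf( 'Blocked privileged user meta key "%s" from user %d', $key, $user_id ) );
			wp_send_json_error( 'Field not allowed.', 403 );
		}

		// Primary control: anything outside the allowlist is silently ignored.
		if ( ! in_array( $key, EXAMPLE_ALLOWED_META, true ) || ! is_scalar( $value ) ) {
			continue;
		}

		update_user_meta( $user_id, $key, sanitize_text_field( (string) $value ) );
	}

	wp_send_json_success();
}
// wp_ajax_* hooks only fire for logged-in users.
add_action( 'wp_ajax_example_save_profile', 'example_save_profile_meta' );
```

The allowlist is what prevents the escalation; the suffix check exists so that attempts show up in the error log instead of being dropped without a trace.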
Vulnerability Summary from Wordfence Intelligence
Description: Academy LMS – eLearning and online course solution for WordPress
Source: wordfence.com