Flaws in LearnPress plug-in leaves student information unprotected
Exploit: Software vulnerability
LearnPress: WordPress plug-in
Risk to Small Business: 1.708 = Severe Cybersecurity researchers identified flaws in the LearnPress plug-in that could allow hackers to access student information, steal money from course creators, or to alter their access privileges to become teachers. The popular WordPress plug-in is used by more than 100,000 schools, organizations, and content creators who rely on these digital services even more now that eLearning is the de-facto presentation method for nearly all students.
Individual Risk: At this time, there is no evidence that personal information was compromised in the breach. However, users should carefully monitor their accounts and credentials for misuse or abuse.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Developers took steps to repair the vulnerability, but businesses that want to thrive in our altered digital environment will need to identify threats before their products reach the public. As other organizations have discovered, the COVID-19 pandemic can be an excellent time to demonstrate strength or expose yourself to issues that will erode your brand’s image long after the crisis abates.
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
