CVE-2020-6009: 
WordPress vulnerability analysis and mitigation

LearnDash WordPress plugin versions below 3.1.6 were identified with an Unauthenticated SQL Injection vulnerability, tracked as CVE-2020-6009. The vulnerability was discovered in January 2020 and publicly disclosed on April 1, 2020. This security flaw affects the LearnDash learning management system (LMS) plugin, which is used by approximately 100,000 different educational platforms, including major universities (Hacker News).

The vulnerability is classified as a SQL injection flaw that allows an adversary to craft malicious SQL queries by exploiting PayPal's Instant Payment Notification (IPN) message service simulator to trigger fake course enrollment transactions. The severity of this vulnerability is rated as Critical with a CVSS v3.1 Base Score of 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). The vulnerability is categorized under CWE-89: Improper Neutralization of Special Elements used in an SQL Command (NVD).

The vulnerability could allow attackers to steal personal information including names, emails, usernames, and passwords. Additionally, it could enable unauthorized access to sensitive data, potentially allowing students to change grades, retrieve tests and test answers beforehand, and forge certificates (Hacker News).

The vulnerability has been patched in LearnDash version 3.1.6. Users are strongly recommended to upgrade to this version or later to address the security issue (Release Notes).