{"vulnerability": "cve-2020-26876", "sightings": [{"uuid": "a1314a27-bdf2-4db4-9534-35993de853f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-26876", "type": "exploited", "source": "https://t.me/arpsyndicate/2823", "content": "#ExploitObserverAlert\n\nCVE-2020-26876\n\nDESCRIPTION: Exploit Observer has 6 entries in 3 file formats related to CVE-2020-26876. The wp-courses plugin through 2.0.27 for WordPress allows remote attackers to bypass the intended payment step (for course videos and materials) by using the /wp-json REST API, as exploited in the wild in September 2020. This occurs because show_in_rest is enabled for custom post types (e.g., /wp-json/wp/v2/course and /wp-json/wp/v2/lesson exist).\n\nFIRST-EPSS: 0.019880000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2024-01-16T04:21:25.000000Z"}]}