A lot of fun!
Definitely more easy-medium than easy, but I liked it a lot since a machine that’s too point-and-shoot can feel a bit meaningless. The foothold was a good introduction to that particular type of vuln, and privesc was straightforward while still requiring a tiny bit of work to determine what was needed.
Don’t bother with hints beyond the aforementioned “OWASP Top-10” on this one, it’s fairly easy for a beginner - some googling will get you there 