CVE-2026-8502

🗓️ 06 Jun 2026 02:28:36Reported by WordfenceType

cve🔗 web.nvd.nist.gov👁 30 Views🌐 WEB

Unauthenticated attackers can expose sensitive LearnPress data up to 4.3.6 via return_type and c_status.

Reporter	Title	Published	Views	Family All 10
ATTACKERKB	CVE-2026-8502	6 Jun 202602:28	–	attackerkb
Circl	CVE-2026-8502	6 Jun 202605:29	–	circl
CNNVD	WordPress plugin LearnPress – WordPress LMS Plugin for Create and Sell Online Courses 安全漏洞	6 Jun 202600:00	–	cnnvd
Cvelist	CVE-2026-8502 LearnPress <= 4.3.6 - Unauthenticated Sensitive Information Exposure via 'c_status' and 'return_type' Parameters	6 Jun 202602:28	–	cvelist
EUVD	EUVD-2026-34952	6 Jun 202602:28	–	euvd
NVD	CVE-2026-8502	6 Jun 202604:17	–	nvd
Patchstack	WordPress LearnPress – WordPress LMS Plugin for Create and Sell Online Courses plugin <= 4.3.6 - Unauthenticated Sensitive Information Exposure vulnerability	5 Jun 202614:23	–	patchstack
Positive Technologies	PT-2026-47134	6 Jun 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-8502	7 Jun 202608:59	–	redhatcve
Vulnrichment	CVE-2026-8502 LearnPress <= 4.3.6 - Unauthenticated Sensitive Information Exposure via 'c_status' and 'return_type' Parameters	6 Jun 202602:28	–	vulnrichment

Vulners

Node

thimpress learnpress_wordpress_lms_plugin_for_create_and_sell_online_coursesRange≤4.3.6wordpress

[
  {
    "vendor": "thimpress",
    "product": "LearnPress – WordPress LMS Plugin for Create and Sell Online Courses",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThanOrEqual": "4.3.6",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
plugins	www.plugins.trac.wordpress.org/browser/learnpress/tags/4.3.6/inc/rest-api/v1/frontend/class-lp-rest-courses-controller.php
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/a32a6ea3-4473-4075-b660-9bba083ae0bf
plugins	www.plugins.trac.wordpress.org/browser/learnpress/tags/4.3.6/inc/rest-api/v1/frontend/class-lp-rest-courses-controller.php
plugins	www.plugins.trac.wordpress.org/changeset
plugins	www.plugins.trac.wordpress.org/browser/learnpress/tags/4.3.2.8/inc/Databases/class-lp-course-db.php
plugins	www.plugins.trac.wordpress.org/browser/learnpress/tags/4.3.6/inc/Models/Courses.php
plugins	www.plugins.trac.wordpress.org/browser/learnpress/tags/4.3.6/inc/Models/Courses.php
plugins	www.plugins.trac.wordpress.org/browser/learnpress/tags/4.3.2.8/inc/Models/Courses.php
plugins	www.plugins.trac.wordpress.org/browser/learnpress/tags/4.3.2.8/inc/rest-api/v1/frontend/class-lp-rest-courses-controller.php
plugins	www.plugins.trac.wordpress.org/browser/learnpress/tags/4.3.2.8/inc/rest-api/v1/frontend/class-lp-rest-courses-controller.php

Parameter	Position	Path	Description	CWE
c_status	query param	/wp-json/lp/v1/courses/archive-course	Sensitive information exposure via unrestricted SELECT * fallback when c_status=all and return_type=json are supplied to the archive-course endpoint (unauthenticated).	CWE-862
return_type	query param	/wp-json/lp/v1/courses/archive-course	Sensitive information exposure via unrestricted SELECT * fallback when c_status=all and return_type=json are supplied to the archive-course endpoint (unauthenticated).	CWE-862

17 Jun 2026 11:04Current

5.5Medium risk

Vulners AI Score5.5

CVSS 3.15.3

EPSS0.00353

SSVC

CWE-862