Lucene search

CVE-2024-4971 LearnPress – WordPress LMS Plugin <= 4.2.6.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter

🗓️ 22 May 2024 05:46:32Reported by WordfenceType

CVE-2024-4971 LearnPress WordPress LMS Plugin vulnerabilit

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 6
Patchstack	WordPress LearnPress Plugin <= 4.2.6.6 is vulnerable to Cross Site Scripting (XSS)	22 May 202400:00	–	patchstack
WPVulnDB	LearnPress – WordPress LMS Plugin < 4.2.6.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter	21 May 202400:00	–	wpvulndb
Vulnrichment	CVE-2024-4971 LearnPress – WordPress LMS Plugin <= 4.2.6.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter	22 May 202405:32	–	vulnrichment
NVD	CVE-2024-4971	22 May 202406:15	–	nvd
CVE	CVE-2024-4971	22 May 202406:15	–	cve
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (May 20, 2024 to May 26, 2024)	30 May 202415:23	–	wordfence

[
  {
    "vendor": "thimpress",
    "product": "LearnPress – WordPress LMS Plugin",
    "versions": [
      {
        "version": "*",
        "status": "affected",
        "lessThanOrEqual": "4.2.6.6",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
wordpress	www.wordpress.org/plugins/learnpress/
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/10b08a05-3561-4d05-985b-6a2339a547a7

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

22 May 2024 05:32Current

6.3Medium risk

Vulners AI Score6.3

CVSS36.4

EPSS0.00249