2 matches found
LearnPress < 4.3.2 - Broken Access Control
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the statistic function in all versions up to, and including, 4.3.1. This makes it possible for unauthenticated attackers to view the plugin's orders...
WordPress LearnPress plugin <= 4.3.1 - Missing Authorization to Unauthenticated Orders Statistics Exposure vulnerability
Missing Authorization to Unauthenticated Orders Statistics Exposure vulnerability discovered by Sarawut Poolkhet MisterHelloz in WordPress Plugin LearnPress versions = 4.3.1...