797 matches found
CVE-2025-13964
CVE-2025-13964 : LearnPress – WordPress LMS Plugin (LearnPress) is vulnerable to unauthorized modification of course data due to a missing capability check in catch_lp_ajax, affecting all versions up to 4.3.2. This allows unauthenticated attackers to add/remove/update/reorder sections and section...
CVE-2025-13964 LearnPress – WordPress LMS Plugin <= 4.3.2 - Missing Authentication to Unauthenticated Course Modification
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the catchlpajax function in all versions up to, and including, 4.3.2. This makes it possible for unauthenticated attackers to modify course contents b...
CVE-2025-13964 LearnPress – WordPress LMS Plugin <= 4.3.2 - Missing Authentication to Unauthenticated Course Modification
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the catchlpajax function in all versions up to, and including, 4.3.2. This makes it possible for unauthenticated attackers to modify course contents b...
WordPress plugin LearnPress – WordPress LMS Plugin 安全漏洞
...
PT-2026-1425
Name of the Vulnerable Software and Affected Versions LearnPress – WordPress LMS Plugin versions up to and including 4.3.2 Description The LearnPress – WordPress LMS Plugin for WordPress is susceptible to unauthorized data modification. This is due to a missing capability check within the catch l...
WordPress LearnPress – WordPress LMS Plugin plugin <= 4.3.2 - Missing Authentication to Unauthenticated Course Modification vulnerability
Missing Authentication to Unauthenticated Course Modification vulnerability discovered by Supakiad S. m3ez - E-CQURITY Thailand in WordPress Plugin LearnPress versions = 4.3.2...
CVE-2025-66054
Missing Authorization vulnerability in ThimPress LearnPress learnpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LearnPress: from n/a through = 4.2.9.4...
CVE-2025-66054
Missing Authorization vulnerability in ThimPress LearnPress learnpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LearnPress: from n/a through = 4.2.9.4...
CVE-2025-66054
CVE-2025-66054 describes a missing authorization vulnerability in the WordPress LearnPress plugin (LearnPress
EUVD-2025-204053
Missing Authorization vulnerability in ThimPress LearnPress learnpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LearnPress: from n/a through = 4.2.9.4...
CVE-2025-66054 WordPress LearnPress plugin <= 4.2.9.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in ThimPress LearnPress learnpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LearnPress: from n/a through = 4.2.9.4...
CVE-2025-66054 WordPress LearnPress plugin <= 4.2.9.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in ThimPress LearnPress learnpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LearnPress: from n/a through = 4.2.9.4...
WordPress plugin LearnPress 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
PT-2025-52192
Missing Authorization vulnerability in ThimPress LearnPress learnpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LearnPress: from n/a through = 4.2.9.4...
CVE-2025-13956
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the statistic function in all versions up to, and including, 4.3.1. This makes it possible for unauthenticated attackers to view the plugin's orders...
CVE-2025-14387
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 4.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and abov...
WordPress LearnPress plugin <= 4.3.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting via get_profile_social vulnerability
Authenticated Subscriber+ Stored Cross-Site Scripting via getprofilesocial vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin LearnPress versions = 4.3.1...
CVE-2025-13956
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the statistic function in all versions up to, and including, 4.3.1. This makes it possible for unauthenticated attackers to view the plugin's orders...
CVE-2025-13956 LearnPress – WordPress LMS Plugin <= 4.3.1 - Missing Authorization to Unauthenticated Orders Statistics Exposure
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the statistic function in all versions up to, and including, 4.3.1. This makes it possible for unauthenticated attackers to view the plugin's orders...
CVE-2025-13956 LearnPress – WordPress LMS Plugin <= 4.3.1 - Missing Authorization to Unauthenticated Orders Statistics Exposure
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the statistic function in all versions up to, and including, 4.3.1. This makes it possible for unauthenticated attackers to view the plugin's orders...