CVE-2023-30487

CVE-2023-30487 is an unauthenticated cross-site scripting (XSS) vulnerability in the LearnPress Export Import plugin for WordPress. Affected versions are

WordPress plugin LearnPress Export Import 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2023-22724 · Thimpress · Thimpress Learnpress Export Import Plugin

Name of the Vulnerable Software and Affected Versions: ThimPress LearnPress Export Import plugin versions prior to 4.0.3 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker can inject malicious scripts into a website,...

WordPress LearnPress Export Import Plugin <= 4.0.2 is vulnerable to Cross Site Scripting (XSS)

Software LearnPress Export Import Type Plugin Vulnerable versions = 4.0.2 Fixed in 4.0.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-30487 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 06e400cc51dd Credits LEE SE...

LearnPress Export Import < 4.0.3 - Reflected XSS

The plugin does not sanitise and escape the learn-press-export-file-name parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

LearnPress Plugin for WordPress < 4.2.0 SQL Injection

The WordPress LearnPress Plugin installed on the remote host is affected by a sql injection vulnerability. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. No source data...

Update your LearnPress plugins now!

Its time for a reminder to ensure all of your WordPress plugins are fully up to date or removed, if you don't need them. Bleeping Computer reports that as many as 75,000 WordPress sites may be open to several flaws in a plugin called LearnPress. Worse, the update tally for users of the plugin isn...

CVE-2022-47615

Local File Inclusion vulnerability in LearnPress – WordPress LMS Plugin = 4.1.7.3.2 versions...

CVE-2022-47615

Local File Inclusion vulnerability in LearnPress – WordPress LMS Plugin = 4.1.7.3.2 versions...

Remote file inclusion

Local File Inclusion vulnerability in LearnPress – WordPress LMS Plugin = 4.1.7.3.2 versions...

CVE-2022-45820

SQL Injection SQLi vulnerability in LearnPress – WordPress LMS Plugin = 4.1.7.3.2 versions...

CVE-2022-45808

SQL Injection vulnerability in LearnPress – WordPress LMS Plugin = 4.1.7.3.2 versions...

CVE-2022-45808

SQL Injection vulnerability in LearnPress – WordPress LMS Plugin = 4.1.7.3.2 versions...

Sql injection

SQL Injection vulnerability in LearnPress – WordPress LMS Plugin = 4.1.7.3.2 versions...

Sql injection

SQL Injection SQLi vulnerability in LearnPress – WordPress LMS Plugin = 4.1.7.3.2 versions...

WordPress Plugin LearnPress SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin LearnPress...

WordPress plugin LMS LearnPress 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Plugin LearnPress SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin LearnPress...

WordPress LearnPress Plugin <= 4.1.7.3.2 Multiple Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:thimpress:learnpress"; if description...

CVE-2022-45820 WordPress LearnPress Plugin <= 4.1.7.3.2 is vulnerable to SQL Injection

SQL Injection SQLi vulnerability in LearnPress – WordPress LMS Plugin = 4.1.7.3.2 versions...