807 matches found
CVE-2018-16173
Cross-site scripting vulnerability in LearnPress prior to version 3.1.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2018-16174
The CVE-2018-16174 Open Redirect affects the WordPress LearnPress plugin, specifically versions prior to 3.1.0. The vulnerability allows remote attackers to redirect logged-in users to arbitrary sites, enabling phishing. The OpenVAS and JVN entries corroborate a multi-source disclosure of this is...
WordPress plugin LearnPress open to redirection vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. An open redirection vulnerability exists in the WordPress plugin LearnPress, where accessing a crafted URL may cause logged-i...
WordPress plugin LearnPress cross-site scripting vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin LearnPress, which can be exploited by an attacker to...
WordPress Plugin LearnPress SQL Injection Vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in the WordPress plugin LearnPress, which allows users with administrative privileges to...
Multiple vulnerabilities in WordPress plugin "LearnPress"
Overview WordPress LMS plugin "LearnPress" contains multiple vulnerabilities listed below. Cross-site Scripting CWE-79 - CVE-2018-16173 Open Redirect CWE-601 - CVE-2018-16174 SQL Injection CWE-89 - CVE-2018-16175 Daiki Sueyoshi of Cryptography Laboratory, Department of Information and Communicati...
JVN#85760090: Multiple vulnerabilities in WordPress plugin "LearnPress"
WordPress LMS plugin "LearnPress" contains multiple vulnerabilities listed below. Cross-site Scripting CWE-79 - CVE-2018-16173 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS v2| AV:N/AC:H/Au:N/C:N/I:P/A:N| Base Score: 2.6 Open...