WordPress LifePress plugin <= 2.2.2 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by ? in WordPress Plugin LifePress versions = 2.2.2...

EUVD-2026-29406

The LifePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'n' parameter of the lpupdatemds AJAX action in all versions up to, and including, 2.2.2. This is due to the wpajaxnoprivlpupdatemds action being registered without nonce verification or capability checks,...

CVE-2026-6690

The LifePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'n' parameter of the lpupdatemds AJAX action in all versions up to, and including, 2.2.2. This is due to the wpajaxnoprivlpupdatemds action being registered without nonce verification or capability checks,...

CVE-2026-6690

The CVE-2026-6690 entry details a Stored Cross-Site Scripting vulnerability in LifePress for WordPress, affecting all versions up to 2.2.2. The issue stems from the wp_ajax_nopriv_lp_update_mds action being registered without nonce verification or capability checks and from insufficient input san...

CVE-2026-6690

The LifePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'n' parameter of the lpupdatemds AJAX action in all versions up to, and including, 2.2.2. This is due to the wpajaxnoprivlpupdatemds action being registered without nonce verification or capability checks,...

CVE-2026-6690 LifePress <= 2.2.2 - Unauthenticated Stored Cross-Site Scripting via 'n' Parameter via lp_update_mds AJAX Action

The LifePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'n' parameter of the lpupdatemds AJAX action in all versions up to, and including, 2.2.2. This is due to the wpajaxnoprivlpupdatemds action being registered without nonce verification or capability checks,...

CVE-2026-6690 LifePress <= 2.2.2 - Unauthenticated Stored Cross-Site Scripting via 'n' Parameter via lp_update_mds AJAX Action

The LifePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'n' parameter of the lpupdatemds AJAX action in all versions up to, and including, 2.2.2. This is due to the wpajaxnoprivlpupdatemds action being registered without nonce verification or capability checks,...

WordPress plugin LifePress 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-39961

The LifePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'n' parameter of the lp update mds AJAX action in all versions up to, and including, 2.2.2. This is due to the wp ajax nopriv lp update mds action being registered without nonce verification or capability...

CVE-2026-24563

Missing Authorization vulnerability in Ashan Perera LifePress lifepress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LifePress: from n/a through = 2.2.1...

CVE-2026-24563

Missing Authorization vulnerability in Ashan Perera LifePress lifepress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LifePress: from n/a through = 2.2.1...

CVE-2026-24563

CVE-2026-24563 is a Missing Authorization / broken access control vulnerability in the LifePress WordPress plugin (LifePress lifepress) affecting versions up to and including 2.1.3. Multiple connected sources (PatchStack, CVE lists, RH advisory) corroborate an authorization flaw that could permit...

CVE-2026-24563 WordPress LifePress plugin <= 2.2.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ashan Perera LifePress lifepress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LifePress: from n/a through = 2.2.1...

CVE-2026-24563 WordPress LifePress plugin <= 2.2.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ashan Perera LifePress lifepress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LifePress: from n/a through = 2.2.1...

CVE-2026-24563

Missing Authorization vulnerability in Ashan Perera LifePress lifepress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LifePress: from n/a through = 2.1.3...

WordPress plugin LifePress has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-4405

Name of the Vulnerable Software and Affected Versions LifePress versions through 2.1.3 Description An authorization issue exists in LifePress, allowing exploitation of incorrectly configured access control security levels. Recommendations Update LifePress to a version later than 2.1.3...

WordPress LifePress plugin <= 2.2.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Doan Dinh Van in WordPress Plugin LifePress versions = 2.2.1...

CVE-2025-53337

Missing Authorization vulnerability in Ashan Perera LifePress lifepress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LifePress: from n/a through = 2.1.3...

CVE-2025-53337

Missing Authorization vulnerability in Ashan Perera LifePress lifepress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LifePress: from n/a through = 2.1.3...