6 matches found
CVE-2025-13956
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the statistic function in all versions up to, and including, 4.3.1. This makes it possible for unauthenticated attackers to view the plugin's orders...
CVE-2025-13956
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the statistic function in all versions up to, and including, 4.3.1. This makes it possible for unauthenticated attackers to view the plugin's orders...
CVE-2025-13956 LearnPress – WordPress LMS Plugin <= 4.3.1 - Missing Authorization to Unauthenticated Orders Statistics Exposure
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the statistic function in all versions up to, and including, 4.3.1. This makes it possible for unauthenticated attackers to view the plugin's orders...
CVE-2025-13956
The connected Wordfence vulnerability entry confirms CVE-2025-13956 for LearnPress – WordPress LMS Plugin, affecting all versions up to 4.3.1. It permits unauthenticated actors to view orders statistics (e.g., total revenue summaries and order status counts) due to a missing capability check in t...
WordPress LearnPress plugin <= 4.3.1 - Missing Authorization to Unauthenticated Orders Statistics Exposure vulnerability
Missing Authorization to Unauthenticated Orders Statistics Exposure vulnerability discovered by Sarawut Poolkhet MisterHelloz in WordPress Plugin LearnPress versions = 4.3.1...
PT-2025-51366
Name of the Vulnerable Software and Affected Versions LearnPress – WordPress LMS Plugin versions prior to 4.3.2 Description The LearnPress – WordPress LMS Plugin is susceptible to unauthorized data access because of a missing capability check within the statistic function. This allows...