2 matches found
CVE-2024-6099
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthenticated bypass to user registration in versions up to, and including, 4.2.6.8.1. This is due to missing checks in the 'checkvalidatefields' function in the checkout. This makes it possible for unauthenticated...
PT-2024-37378 · WordPress · Learnpress
Name of the Vulnerable Software and Affected Versions: LearnPress – WordPress LMS Plugin versions up to, and including, 4.2.6.8.1 Description: The issue allows unauthorized user registration due to a missing capability check on the register function. This enables unauthenticated attackers to bypa...