Lucene search
K

4 matches found

NVD
NVD
added 2026/01/06 9:15 a.m.5 views

CVE-2025-13964

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the catchlpajax function in all versions up to, and including, 4.3.2. This makes it possible for unauthenticated attackers to modify course contents b...

5.3CVSS0.00232EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/06 8:21 a.m.27 views

CVE-2025-13964 LearnPress – WordPress LMS Plugin <= 4.3.2 - Missing Authentication to Unauthenticated Course Modification

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the catchlpajax function in all versions up to, and including, 4.3.2. This makes it possible for unauthenticated attackers to modify course contents b...

5.3CVSS0.00232EPSS
Exploits0References3
CVE
CVE
added 2026/01/06 8:21 a.m.15 views

CVE-2025-13964

CVE-2025-13964 : LearnPress – WordPress LMS Plugin (LearnPress) is vulnerable to unauthorized modification of course data due to a missing capability check in catch_lp_ajax, affecting all versions up to 4.3.2. This allows unauthenticated attackers to add/remove/update/reorder sections and section...

5.3CVSS5AI score0.00232EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/06 12:0 a.m.5 views

PT-2026-1425

Name of the Vulnerable Software and Affected Versions LearnPress – WordPress LMS Plugin versions up to and including 4.3.2 Description The LearnPress – WordPress LMS Plugin for WordPress is susceptible to unauthorized data modification. This is due to a missing capability check within the catch l...

5.3CVSS5.9AI score0.00232EPSS
Exploits0References8
Rows per page
Query Builder