2 matches found
CVE-2018-16173
CVE-2018-16173 affects the WordPress LearnPress plugin prior to version 3.1.0. The vulnerability is a cross-site scripting (XSS) flaw that can let remote attackers inject arbitrary web script or HTML via unspecified vectors, potentially causing arbitrary script execution in the logged-in user’s b...
JVN#85760090: Multiple vulnerabilities in WordPress plugin "LearnPress"
WordPress LMS plugin "LearnPress" contains multiple vulnerabilities listed below. Cross-site Scripting CWE-79 - CVE-2018-16173 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS v2| AV:N/AC:H/Au:N/C:N/I:P/A:N| Base Score: 2.6 Open...