2 matches found
CVE-2018-16174
The CVE-2018-16174 Open Redirect affects the WordPress LearnPress plugin, specifically versions prior to 3.1.0. The vulnerability allows remote attackers to redirect logged-in users to arbitrary sites, enabling phishing. The OpenVAS and JVN entries corroborate a multi-source disclosure of this is...
JVN#85760090: Multiple vulnerabilities in WordPress plugin "LearnPress"
WordPress LMS plugin "LearnPress" contains multiple vulnerabilities listed below. Cross-site Scripting CWE-79 - CVE-2018-16173 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS v2| AV:N/AC:H/Au:N/C:N/I:P/A:N| Base Score: 2.6 Open...