Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:12 p.m.3 views

CVE-2026-3079

The LearnDash LMS plugin for WordPress is vulnerable to blind time-based SQL Injection via the 'filtersorderbyorder' parameter in the 'learndashpropaneltemplate' AJAX action in all versions up to, and including, 5.0.3. This is due to insufficient escaping on the user supplied parameter and lack o...

6.5CVSS5.9AI score0.00272EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/24 1:25 a.m.4 views

CVE-2026-3079

The LearnDash LMS plugin for WordPress is vulnerable to blind time-based SQL Injection via the 'filtersorderbyorder' parameter in the 'learndashpropaneltemplate' AJAX action in all versions up to, and including, 5.0.3. This is due to insufficient escaping on the user supplied parameter and lack o...

6.5CVSS5.9AI score0.00272EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/03/24 1:25 a.m.2 views

CVE-2026-3079 LearnDash LMS <= 5.0.3 - Authenticated (Contributor+) SQL Injection via 'filters[orderby_order]' Parameter

The LearnDash LMS plugin for WordPress is vulnerable to blind time-based SQL Injection via the 'filtersorderbyorder' parameter in the 'learndashpropaneltemplate' AJAX action in all versions up to, and including, 5.0.3. This is due to insufficient escaping on the user supplied parameter and lack o...

6.5CVSS5.9AI score0.00272EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/03/24 1:25 a.m.31 views

CVE-2026-3079 LearnDash LMS <= 5.0.3 - Authenticated (Contributor+) SQL Injection via 'filters[orderby_order]' Parameter

The LearnDash LMS plugin for WordPress is vulnerable to blind time-based SQL Injection via the 'filtersorderbyorder' parameter in the 'learndashpropaneltemplate' AJAX action in all versions up to, and including, 5.0.3. This is due to insufficient escaping on the user supplied parameter and lack o...

6.5CVSS0.00272EPSS
Exploits0References7
Rows per page
Query Builder