CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

35 matches found

Patchstack•added 2026/06/05 2:19 p.m.•6 views

WordPress LearnPress – Backup & Migration Tool plugin <= 4.1.4 - Authenticated (Administrator+) Path Traversal to Arbitrary File Read vulnerability

Authenticated Administrator+ Path Traversal to Arbitrary File Read vulnerability discovered by Wannes Verwimp in WordPress Plugin LearnPress Export Import versions = 4.1.4...

4.9CVSS5.5AI score0.00663EPSS

Exploits0References1Affected Software1

Cvelist•added 2026/02/21 10:37 a.m.•21 views

CVE-2026-1787 LearnPress Export Import <= 4.1.0 - Missing Authentication to Unauthenticated Migrated Course Deletion

The LearnPress Export Import – WordPress extension for LearnPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'deletemigrateddata' function in all versions up to, and including, 4.1.0. This makes it possible for unauthenticated attacker...

4.8CVSS0.0023EPSS

Exploits0References3

Vulnrichment•added 2026/02/21 10:37 a.m.•5 views

CVE-2026-1787 LearnPress Export Import <= 4.1.0 - Missing Authentication to Unauthenticated Migrated Course Deletion

4.8CVSS5.4AI score0.0023EPSS

Exploits0References3

CVE•added 2026/02/21 10:37 a.m.•17 views

CVE-2026-1787

CVE-2026-1787 affects LearnPress Export Import (WordPress) up to version 4.1.0, due to a missing capability check in delete_migrated_data that allows unauthenticated attackers to delete courses migrated from Tutor LMS (Tutor LMS must be installed/activated). Connected sources indicate remediation...

4.8CVSS5.6AI score0.0023EPSS

Exploits0References3

Positive Technologies•added 2026/02/21 12:0 a.m.•6 views

PT-2026-21374

Name of the Vulnerable Software and Affected Versions LearnPress Export Import versions up to and including 4.1.0 Description The LearnPress Export Import WordPress extension for the LearnPress plugin is affected by a flaw that allows unauthorized data loss. A missing capability check within the...

4.8CVSS5.3AI score0.0023EPSS

Exploits0References6

RedhatCVE•added 2025/11/07 5:33 p.m.•3 views

CVE-2025-60200

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThimPress LearnPress Export Import learnpress-import-export allows PHP Local File Inclusion.This issue affects LearnPress Export Import: from n/a through = 4.1.2...

7.5CVSS5.9AI score0.00362EPSS

Exploits0References1

NVD•added 2025/11/06 4:16 p.m.•5 views

CVE-2025-60200

7.5CVSS0.00362EPSS

Exploits0References1

Vulnrichment•added 2025/11/06 3:54 p.m.•3 views

CVE-2025-60200 WordPress LearnPress Export Import plugin <= 4.1.2 - Local File Inclusion vulnerability

7.5CVSS5.3AI score0.00362EPSS

Exploits0References1

Cvelist•added 2025/11/06 3:54 p.m.•11 views

CVE-2025-60200 WordPress LearnPress Export Import plugin <= 4.1.2 - Local File Inclusion vulnerability

7.5CVSS0.00362EPSS

Exploits0References1

CVE•added 2025/11/06 3:54 p.m.•8 views

CVE-2025-60200

The CVE-2025-60200 entry is a concrete local file inclusion issue in the WordPress plugin LearnPress Export Import (versions ≤ 4.0.9 per multiple sources). Affected component: the plugin’s PHP include/require handling allowing an attacker-controlled filename to be included remotely, enabling PHP ...

7.5CVSS5.9AI score0.00362EPSS

Exploits0References1

Positive Technologies•added 2025/11/06 12:0 a.m.•3 views

PT-2025-45273

7.5CVSS7.1AI score0.00362EPSS

Exploits0References2

CNNVD•added 2025/11/06 12:0 a.m.•6 views

WordPress plugin LearnPress Export Import 安全漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPre...

7.5CVSS6.5AI score0.00362EPSS

Exploits0References1

RedhatCVE•added 2025/10/23 3:14 p.m.•4 views

CVE-2025-49992

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThimPress LearnPress Export Import learnpress-import-export allows Reflected XSS.This issue affects LearnPress Export Import: from n/a through = 4.0.9...

7.1CVSS6.4AI score0.00228EPSS

Exploits0References1

EUVD•added 2025/10/22 3:31 p.m.•3 views

EUVD-2025-35497

5.9AI score0.00228EPSS

Exploits0References2

NVD•added 2025/10/22 3:15 p.m.•3 views

CVE-2025-49992

7.1CVSS0.00228EPSS

Exploits0References1

Vulnrichment•added 2025/10/22 2:32 p.m.•3 views

CVE-2025-49992 WordPress LearnPress Export Import plugin <= 4.0.9 - Cross Site Scripting (XSS) vulnerability

7.1CVSS5.2AI score0.00228EPSS

Exploits0References1

CNNVD•added 2025/10/22 12:0 a.m.•5 views

WordPress plugin LearnPress Export Import 跨站脚本漏洞

7.1CVSS6AI score0.00228EPSS

Exploits0References1

Patchstack•added 2025/07/22 5:58 a.m.•7 views

WordPress LearnPress Export Import plugin <= 4.0.9 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k in WordPress Plugin LearnPress Export Import versions = 4.0.9...

7.1CVSS5.3AI score0.00228EPSS

Exploits0Affected Software1

RedhatCVE•added 2025/05/23 5:18 a.m.•4 views

CVE-2023-30487

Unauth. Reflected Cross-Site Scripting XSS vulnerability in ThimPress LearnPress Export Import plugin = 4.0.2 versions...

7.1CVSS5.8AI score0.00382EPSS

Exploits0References1

RedhatCVE•added 2025/02/05 6:58 a.m.•6 views

CVE-2024-32588

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThimPress LearnPress Export Import allows Reflected XSS.This issue affects LearnPress Export Import: from n/a through 4.0.3...

7.1CVSS5.2AI score0.0055EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by