WordPress LearnPress plugin <= 4.2.7.5 - Authenticated (Instructor+) Stored Cross-Site Scripting via Lesson Name vulnerability

Authenticated Instructor+ Stored Cross-Site Scripting via Lesson Name vulnerability discovered by Tim Coen in WordPress Plugin LearnPress versions = 4.2.7.5...

CVE-2024-13599

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 4.2.7.5 due to insufficient input sanitization and output escaping of a lesson name. This makes it possible for authenticated attackers, with LP...

PT-2025-2229 · WordPress · Learnpress

Name of the Vulnerable Software and Affected Versions: LearnPress – WordPress LMS Plugin versions up to, and including, 4.2.7.5 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping of a lesson name. This allows authenticated...

eFront 3.6.14 Cross Site Scripting

EDB Note: Screenshot provided by exploit author. Exploit Title: eFront v3.6.14 build 18012 -Stored XSS in multiple Parameters Author: sajith version: eFront v3.6.14- build 18012 Vendor Homepage: http://www.efrontlearning.net/ vulnerable app link:http://www.efrontlearning.net/download POC by sajit...

eFront 3.6.14 (build 18012) - Multiple Persistent Cross-Site Scripting Vulnerabilities

eFront 3.6.14 build 18012 - Multiple Persistent Cross-Site Scripting Vulnerabilities Exploit-DB Note: Screenshot provided by exploit author. Exploit Title: eFront v3.6.14 build 18012 -Stored XSS in multiple Parameters Author: sajith version: eFront v3.6.14- build 18012 Vendor Homepage:...