CVE-2025-13956

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the statistic function in all versions up to, and including, 4.3.1. This makes it possible for unauthenticated attackers to view the plugin's orders...

CVE-2025-13956 LearnPress – WordPress LMS Plugin <= 4.3.1 - Missing Authorization to Unauthenticated Orders Statistics Exposure

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the statistic function in all versions up to, and including, 4.3.1. This makes it possible for unauthenticated attackers to view the plugin's orders...

WordPress LearnPress plugin <= 4.3.1 - Missing Authorization to Unauthenticated Orders Statistics Exposure vulnerability

Missing Authorization to Unauthenticated Orders Statistics Exposure vulnerability discovered by Sarawut Poolkhet MisterHelloz in WordPress Plugin LearnPress versions = 4.3.1...

PT-2025-51366

Name of the Vulnerable Software and Affected Versions LearnPress – WordPress LMS Plugin versions prior to 4.3.2 Description The LearnPress – WordPress LMS Plugin is susceptible to unauthorized data access because of a missing capability check within the statistic function. This allows...