Lucene search
K

38 matches found

Patchstack
Patchstack
added 2024/08/08 2:31 a.m.8 views

WordPress LearnPress plugin <= 4.2.6.9.3 - Authenticated (Contributor+) SQL Injection via order Parameter vulnerability

Authenticated Contributor+ SQL Injection via order Parameter vulnerability discovered by Lucio Sá in WordPress Plugin LearnPress versions = 4.2.6.9.3...

8.8CVSS8.1AI score0.00618EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/08/01 1:56 p.m.7 views

WordPress LearnPress plugin <= 4.2.6.8.2 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin LearnPress versions = 4.2.6.8.2...

6.5CVSS7AI score0.00393EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/08/01 12:0 a.m.12 views

WordPress LearnPress Plugin <= 4.2.6.8.2 is vulnerable to Insecure Direct Object References (IDOR)

Software LearnPress Type Plugin Vulnerable versions = 4.2.6.8.2 Fixed in 4.2.6.9 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2024-39642 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 051731ae418f Credits Rafie...

6.5CVSS6.5AI score0.00393EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/06/05 2:54 a.m.7 views

WordPress LearnPress plugin <= 4.2.6.8 - Basic Information Disclosure via JSON API vulnerability

Basic Information Disclosure via JSON API vulnerability discovered by Khayal Farzaliyev shaman0x01 in WordPress Plugin LearnPress versions = 4.2.6.8...

5.3CVSS6.6AI score0.01008EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/05/22 1:10 a.m.8 views

WordPress LearnPress plugin <= 4.2.6.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via id Parameter vulnerability discovered by stealthcopter in WordPress Plugin LearnPress versions = 4.2.6.6...

6.4CVSS5.8AI score0.00295EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.7 views

WordPress plugin LearnPress 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

9.8CVSS6.5AI score0.36925EPSS
Exploits2References6
Patchstack
Patchstack
added 2024/05/10 2:14 a.m.4 views

WordPress LearnPress plugin <= 4.2.6.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via layout_html Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via layouthtml Parameter vulnerability discovered by stealthcopter in WordPress Plugin LearnPress versions = 4.2.6.5...

6.4CVSS5.8AI score0.0034EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/05/10 1:17 a.m.3 views

WordPress LearnPress plugin <= 4.2.6.5 - Authenticated (Instructor+) Arbitrary File Upload vulnerability

Authenticated Instructor+ Arbitrary File Upload vulnerability discovered by JoanClarke2 in WordPress Plugin LearnPress versions = 4.2.6.5...

8.8CVSS7AI score0.01025EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/05/10 12:0 a.m.19 views

WordPress LearnPress Plugin <= 4.2.6.5 is vulnerable to Cross Site Scripting (XSS)

Software LearnPress Type Plugin Vulnerable versions = 4.2.6.5 Fixed in 4.2.6.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4277 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3ad5ee25dcd1 Credits stealthcopter Required...

6.4CVSS5.8AI score0.0034EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/04/19 2:7 a.m.4 views

WordPress LearnPress plugin <= 4.2.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by stealthcopter in WordPress Plugin LearnPress versions = 4.2.6.4...

6.4CVSS5.7AI score0.0032EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/04/09 12:0 a.m.5 views

PT-2024-18067 · WordPress · Learnpress

Name of the Vulnerable Software and Affected Versions: LearnPress – WordPress LMS Plugin versions up to, and including, 4.2.6.3 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping in the Course, Lesson, and Quiz title and...

4.8CVSS8.1AI score0.00426EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/04/05 12:39 a.m.4 views

WordPress LearnPress plugin <= 4.2.6.3 - Insecure Direct Object Reference vulnerability

Insecure Direct Object Reference vulnerability discovered by drop in WordPress Plugin LearnPress versions = 4.2.6.3...

6.5CVSS7AI score0.00391EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/04/05 12:0 a.m.13 views

WordPress LearnPress Plugin <= 4.2.6.3 is vulnerable to Cross Site Scripting (XSS)

Software LearnPress Type Plugin Vulnerable versions = 4.2.6.3 Fixed in 4.2.6.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1463 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 652c7a60489a Credits drop Required privilege L...

4.8CVSS5.8AI score0.00426EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/04/05 12:0 a.m.13 views

WordPress LearnPress Plugin <= 4.0.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software LearnPress Type Plugin Vulnerable versions = 4.0.0 Fixed in 4.0.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-2115 Patch priority Low CVSS severity Low 8.8 Developer Claim ownership PSID 56ca5ed54f87 Credits Tim Coen Required privile...

8.8CVSS6.6AI score0.00273EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2023/01/26 12:0 a.m.16 views

WordPress Plugin LearnPress SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin LearnPress...

9.9CVSS8.5AI score0.04269EPSS
Exploits2References3
Vulnrichment
Vulnrichment
added 2023/01/24 9:18 a.m.10 views

CVE-2022-45820 WordPress LearnPress Plugin <= 4.1.7.3.2 is vulnerable to SQL Injection

SQL Injection SQLi vulnerability in LearnPress – WordPress LMS Plugin = 4.1.7.3.2 versions...

9.1CVSS9.7AI score0.01005EPSS
Exploits2References2
CNVD
CNVD
added 2020/05/07 12:0 a.m.9 views

Wordpress LearnPress SQL Injection Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.LearnPress is a learning management system plugin used in it. A SQL injection vulnerability exists in Wordpress LearnPress...

8.8CVSS8.1AI score0.49231EPSS
Exploits6References1
Check Point Advisories
Check Point Advisories
added 2020/04/30 12:0 a.m.2 views

WordPress LearnPress Plugin SQL Injection

An SQL injection vulnerability exists in the WordPress LearnDash Plugin. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

4.9AI score
Exploits0
Rows per page
Query Builder