45 matches found
CVE-2024-8522
LearnPress WordPress LMS Plugin (= 4.2.7.1) or apply vendor-supplied security fixes. Technical details and PoCs are available in multiple connected sources (e.g., nuclei template, Exploit DB, Metasploit module).
CVE-2023-6634
CVE-2023-6634 affects the LearnPress WordPress plugin. It allows unauthenticated remote code execution via the get_content function by abusing call_user_func with user input in versions up to and including 4.2.5.7. The vulnerability enables execution of arbitrary public functions with a single pa...
CVE-2024-8529
CVE-2024-8529 – LearnPress : The LearnPress WordPress LMS Plugin (versions ≤ 4.2.7) is vulnerable to unauthenticated SQL injection via the c_fields parameter in the /wp-json/lp/v1/courses/archive-course REST API. This is due to insufficient escaping and lack of proper SQL query preparation, allow...
CVE-2020-6010
The CVE-2020-6010 entry concerns the WordPress LearnPress plugin prior to 3.2.6.8, where an authenticated SQL injection exists in the _get_items method of LP_Modal_Search_Items via the current_items parameter on post-new.php. Impact stated in sources includes data disclosure/manipulation and pote...
CVE-2020-11511
The CVE-2020-11511 entry concerns the LearnPress WordPress plugin (versions prior to 3.2.6.9). A privilege-escalation flaw exists in the learn_press_accept_become_a_teacher function, where the code does not properly check permissions; remote attackers can escalate privileges to LP Instructor via ...
CVE-2022-0271
The CVE-2022-0271 entry concerns the WordPress LearnPress plugin and affects versions before 4.1.6. The underlying issue is insufficient sanitization/escaping of the lp-dismiss-notice before it is rendered back through the lp_background_single_email AJAX action, resulting in a Reflected Cross-Sit...
CVE-2023-6567
LearnPress for WordPress is vulnerable to time-based SQL injection via the order_by parameter in versions up to 4.2.5.7 due to insufficient escaping and query preparation. Unauthenticated attackers can append SQL to queries to extract data from the WordPress database. Remediation: update to versi...
CVE-2023-6223
CVE-2023-6223 affects the LearnPress – WordPress LMS Plugin. The issue is an insecure direct object reference (IDOR) in all versions up to and including 4.2.5.7, exposed via the /wp-json/lp/v1/profile/course-tab REST API. Missing validation on the userID parameter lets authenticated users with su...
CVE-2022-47615
CVE-2022-47615 – LearnPress WordPress plugin Affected software: LearnPress – WordPress LMS Plugin, versions
CVE-2022-0377
Affected software: WordPress LearnPress plugin prior to version 4.1.5. Vulnerability: An arbitrary image rename during profile avatar handling. After uploading and cropping, a POST contains the user-supplied image name; the server renames the file using an MD5 value, allowing an attacker to renam...
CVE-2024-11868
Affected software: LearnPress – WordPress LMS Plugin for WordPress. Vulnerability: Sensitive Information Exposure via the REST API, caused by insecure handling in class-lp-rest-material-controller.php, allowing unauthenticated access to potentially paid course material. Affected versions / scope ...
CVE-2024-6088
CVE-2024-6088 concerns the LearnPress – WordPress LMS Plugin. Affected: all versions up to and including 4.2.6.8.1. Root cause: missing capability check in the register function, enabling unauthenticated users to bypass disabled registration and create accounts with the default role. Impact: unau...
CVE-2022-45808
LearnPress WordPress LMS plugin
CVE-2024-5483
LearnPress – WordPress LMS Plugin (LearnPress) CVE-2024-5483: Sensitive Information Exposure in all versions up to 4.2.6.8 due to an incorrect implementation of get_items_permissions_check, allowing unauthenticated attackers to retrieve basic user data, including emails. Remediation provided by c...
CVE-2020-7916
Summary: CVE-2020-7916 affects WordPress LearnPress plugin versions 3.2.6.5 and earlier. The flaw resides in be_teacher in class-lp-admin-ajax.php, allowing any registered/authenticated user to call wp-admin/admin-ajax.php?action=learnpress_be_teacher and grant themselves the teacher role without...
CVE-2023-5558
The LearnPress WordPress plugin prior to version 4.2.5.5 is affected by a Reflected Cross-Site Scripting (XSS) vulnerability caused by insufficient sanitization/escaping of user input before output. The issue can be exploited to run scripts in the context of an admin or high-privilege user. Multi...
CVE-2024-4434
CVE-2024-4434 (LearnPress) details (Mode C): LearnPress WordPress LMS Plugin ≤ 4.2.6.5 is vulnerable to time-based SQL Injection through the term_id parameter due to insufficient escaping and incomplete query preparation. Unauthenticated attackers can append additional SQL to exfiltrate data from...
CVE-2024-2115
CVE-2024-2115 affects LearnPress – WordPress LMS Plugin up to version 4.0.0. Root cause: missing/incorrect nonce validation in filter_users leading to CSRF. Impact: unauthenticated attackers can elevate privileges to Teacher by tricking an admin into performing an action. Public details in connec...
CVE-2022-45820
CVE-2022-45820 is a SQL Injection vulnerability in LearnPress – WordPress LMS Plugin versions
CVE-2024-1463
CVE-2024-1463 corresponds to LearnPress – WordPress LMS Plugin. It enables Stored XSS via Course, Lesson, and Quiz titles/content due to insufficient input sanitization and output escaping in versions up to 4.2.6.3. Exploitation requires LP Instructor-level authentication; an attacker can inject ...
CVE-2024-4971
CVE-2024-4971 refers to LearnPress – WordPress LMS Plugin. Affected: LearnPress ≤ 4.2.6.6. Issue: Stored Cross-Site Scripting via id parameter (per Wordfence details) arising from input handling; the initial description cites Reflected XSS. Root cause per sources: insufficient input sanitization/...
CVE-2024-3560
Analysis of CVE-2024-3560 (LearnPress – WordPress LMS Plugin) Affected software and issue: LearnPress WordPress LMS Plugin (all versions up to and including 4.2.6.4) shows stored cross‑site scripting (XSS) via the _id attribute. The root cause is insufficient input sanitization and output escapin...
CVE-2024-1289
CVE-2024-1289 affects LearnPress – WordPress LMS Plugin. All versions up to 4.2.6.3 are vulnerable to Insecure Direct Object Reference (IDOR) due to missing validation on a user-controlled key when retrieving order data. Authenticated attackers can view orders placed by other users and guests, en...
CVE-2022-3360
CVE-2022-3360 affects the LearnPress WordPress plugin prior to 4.1.7.2. The issue arises from unserialising user input in an unauthenticated REST API endpoint, enabling PHP Object Injection when a suitable gadget is present and potentially leading to remote code execution (RCE). An attacker must ...
CVE-2024-4397
LearnPress – WordPress LMS Plugin (CVE-2024-4397) is vulnerable to arbitrary file uploads due to missing file type validation in save_post_materials, affecting versions up to 4.2.6.5. Authenticated attackers with Instructor-level permissions (or higher) can upload arbitrary files to the server, w...
CVE-2024-6589
The CVE-2024-6589 entry concerns LearnPress – WordPress LMS Plugin (versions
CVE-2024-13599
CVE-2024-13599 affects LearnPress – WordPress LMS Plugin. A stored Cross-Site Scripting flaw arises from insufficient input sanitization and output escaping of a lesson name, enabling authenticated LP Instructor+ attackers to inject scripts that run when users visit injected pages. Affected versi...
CVE-2024-39641
Summary: CVE-2024-39641 is a CSRF vulnerability in LearnPress (WordPress LMS plugin) affecting LearnPress versions up to 4.2.6.8.2. The vulnerability was fixed in version 4.2.6.9. Affected software: LearnPress – WordPress LMS Plugin. Root cause / impact: Cross-Site Request Forgery; exploitation d...
CVE-2024-7548
CVE-2024-7548 affects LearnPress – WordPress LMS Plugin. It is a time-based SQL Injection via the order parameter in all versions up to and including 4.2.6.9.3, caused by insufficient escaping and incomplete query preparation. Authenticated attackers with Contributor+ rights can append SQL to ext...
CVE-2024-9881
CVE-2024-9881 affects LearnPress for WordPress: LearnPress plugin versions earlier than 4.2.7.2 fail to sanitize/escape certain settings, enabling stored XSS via admin-level abuse (even if unfiltered_html is disallowed). Root cause per sources is lack of proper sanitization/escaping of settings. ...
CVE-2023-36515
CVE-2023-36515: LearnPress for WordPress (plugin versions
CVE-2024-10010
The CVE-2024-10010 entry concerns LearnPress (WordPress LMS plugin) prior to version 4.2.7.2, where inadequate sanitisation/escaping of certain settings allows Stored XSS by high-privilege users (e.g., admins), including in multisite setups where unfiltered_html is disallowed. Public Red Hat and ...
CVE-2023-36516
CVE-2023-36516 : WordPress LearnPress plugin versions
CVE-2021-24951
The CVE-2021-24951 entry concerns the LearnPress WordPress plugin (prior to version 4.1.4). The exposed issue is a SQL injection in the duplicator flow where the id parameter is not properly sanitized, validated, or escaped before use in SQL statements (affecting course/lesson/quiz/question opera...
CVE-2021-24702
CVE-2021-24702 concerns the LearnPress WordPress plugin. The provided documents describe a vulnerability in which the plugin, in versions before 4.1.3.1, does not properly sanitize or escape inputs in course settings, potentially enabling Cross-Site Scripting (XSS) for high-privilege users when u...
CVE-2024-6099
CVE-2024-6099 affects the LearnPress – WordPress LMS Plugin. The vulnerability is an unauthenticated registration bypass caused by missing authorization checks in the checkout flow (check_validate_fields), enabling an attacker to register with the site’s default role even if registration is disab...
CVE-2024-4277
CVE-2024-4277 affects LearnPress – WordPress LMS Plugin. Affected: all WordPress versions up to and including 4.2.6.5. Root cause: insufficient input sanitization and output escaping in the layout_html parameter. Impact: authenticated attackers with contributor-level access can store scripts that...
CVE-2021-39348
The CVE-2021-39348 entry describes a stored XSS in the LearnPress WordPress plugin caused by insufficient escaping of the $custom_profile parameter in inc/admin/views/backend-user-profile.php. Affected are LearnPress versions up to 4.1.3.1, including multisite setups or admins with unfiltered_htm...
CVE-2024-4444
CVE-2024-4444 affects the LearnPress – WordPress LMS Plugin for WordPress. The vulnerability is in LearnPress versions up to 4.2.6.5 and is caused by missing checks in the checkout’s create_account function, enabling unauthenticated attackers to register as the site’s default role even when regis...
CVE-2018-16173
CVE-2018-16173 affects the WordPress LearnPress plugin prior to version 3.1.0. The vulnerability is a cross-site scripting (XSS) flaw that can let remote attackers inject arbitrary web script or HTML via unspecified vectors, potentially causing arbitrary script execution in the logged-in user’s b...
CVE-2018-16174
The CVE-2018-16174 Open Redirect affects the WordPress LearnPress plugin, specifically versions prior to 3.1.0. The vulnerability allows remote attackers to redirect logged-in users to arbitrary sites, enabling phishing. The OpenVAS and JVN entries corroborate a multi-source disclosure of this is...
CVE-2024-13127
CVE-2024-13127 concerns the LearnPress WordPress LMS Plugin prior to 4.2.7.5.1. The vulnerability arises because the plugin does not sanitize and escape certain settings, enablingStored Cross-Site Scripting (Stored XSS) by high-privilege users (e.g., admins) in multisite scenarios even when unfil...
CVE-2023-30487
CVE-2023-30487 is an unauthenticated cross-site scripting (XSS) vulnerability in the LearnPress Export Import plugin for WordPress. Affected versions are
CVE-2024-13128
The CVE-2024-13128 entry concerns the LearnPress WordPress plugin prior to version 4.2.7.5.1. According to the provided documents, the vulnerability arises because the plugin does not sanitize and escape certain settings, which could allow high-privilege users (e.g., admins) to perform a Stored C...
CVE-2018-16175
Affected software: WordPress LearnPress plugin (pre-3.1.0). Vulnerability: SQL Injection allowing a user with administrative privileges to execute arbitrary SQL commands via unspecified vectors. Impact: Potential arbitrary SQL execution with full admin rights. Root cause / details: The CVE-2018-1...