Learnpress Security Vulnerabilities and Issues — Learnpress CVE List

Lucene search

ThimpressLearnpress

3 matches found

CVE•added 2024/08/26 9:15 p.m.•53 views

CVE-2024-39641

Cross-Site Request Forgery (CSRF) vulnerability in ThimPress LearnPress.This issue affects LearnPress: from n/a through 4.2.6.8.2.

8.8CVSS7AI score0.00052EPSS

CVE•added 2024/08/13 11:15 a.m.•44 views

CVE-2024-39642

Authorization Bypass Through User-Controlled Key vulnerability in ThimPress LearnPress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects LearnPress: from n/a through 4.2.6.8.2.

6.5CVSS6.5AI score0.00181EPSS

CVE•added 2024/08/08 6:15 a.m.•38 views

CVE-2024-7548

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the 'order' parameter in all versions up to, and including, 4.2.6.9.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. Th...

8.8CVSS8.7AI score0.00655EPSS