Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 40 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-4365 LearnPress <= 4.3.2.8 - Missing Authorization to Unauthenticated Arbitrary Quiz Answer Deletion thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses Critical 9.1 2026-04-14 01:25:00 Deep Dive
CVE-2026-4333 LearnPress <= 4.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'skin' Shortcode Attribute thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses Medium 6.4 2026-04-08 03:36:08 Deep Dive
CVE-2026-3225 LearnPress <= 4.3.2.8 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Quiz Answer Deletion thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses Medium 4.3 2026-03-23 22:25:41 Deep Dive
CVE-2026-3226 LearnPress <= 4.3.2.8 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Email Notification Triggering thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses Medium 4.3 2026-03-12 02:22:37 Deep Dive
CVE-2025-14798 LearnPress – WordPress LMS Plugin <= 4.3.2.4 - Missing Authorization to Unauthenticated Sensitive User Information Disclosure via REST API thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses Medium 5.3 2026-01-20 03:25:18 Deep Dive
CVE-2025-14802 LearnPress – WordPress LMS Plugin <= 4.3.2.2 - Insecure Direct Object Reference to Authenticated (Instructor+) Teacher Material Deletion thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses Medium 5.4 2026-01-07 07:17:33 Deep Dive
CVE-2025-13964 LearnPress – WordPress LMS Plugin <= 4.3.2 - Missing Authentication to Unauthenticated Course Modification thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses Medium 5.3 2026-01-06 08:21:49 Deep Dive
CVE-2025-13956 LearnPress – WordPress LMS Plugin <= 4.3.1 - Missing Authorization to Unauthenticated Orders Statistics Exposure thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses Medium 5.3 2025-12-16 04:31:35 Deep Dive
CVE-2025-14387 LearnPress – WordPress LMS Plugin <= 4.3.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting via get_profile_social thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses Medium 6.4 2025-12-15 15:30:55 Deep Dive
CVE-2025-11368 LearnPress – WordPress LMS Plugin <= 4.2.9.4 - Missing Authorization to Unauthenticated Arbitrary Callback Execution to Information Exposure thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses Medium 5.3 2025-11-21 05:32:05 Deep Dive
CVE-2025-11372 LearnPress – WordPress LMS Plugin <= 4.2.9.3 - Missing Authorization to Unauthenticated Database Table Manipulation thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses Medium 6.5 2025-10-18 06:42:49 Deep Dive
CVE-2024-13599 LearnPress – WordPress LMS Plugin <= 4.2.7.5 - Authenticated (LP Instructor+) Stored Cross-Site Scripting via Lesson Name thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses Medium 6.4 2025-01-25 07:24:16 Deep Dive
CVE-2024-11868 LearnPress – WordPress LMS Plugin <= 4.2.7.3 - Course Material Sensitive Information Exposure via REST API thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses Medium 5.3 2024-12-10 12:25:00 Deep Dive
CVE-2024-8522 LearnPress – WordPress LMS Plugin <= 4.2.7 - Unauthenticated SQL Injection via 'c_only_fields' thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses Critical 10.0 2024-09-12 08:30:47 Deep Dive
CVE-2024-8529 LearnPress – WordPress LMS Plugin <= 4.2.7 - Unauthenticated SQL Injection via 'c_fields' thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses Critical 10.0 2024-09-12 08:30:46 Deep Dive
CVE-2024-7548 LearnPress – WordPress LMS Plugin <= 4.2.6.9.3 - Authenticated (Contributor+) SQL Injection via order Parameter thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses High 8.8 2024-08-08 05:31:46 Deep Dive
CVE-2024-6589 LearnPress <= 4.2.6.8.2 - Authenticated (Contributor+) Local File Inclusion thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses High 8.8 2024-07-25 10:59:52 Deep Dive
CVE-2024-6099 LearnPress – WordPress LMS Plugin <= 4.2.6.8.1 - Unauthenticated Bypass to User Registration thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses Medium 5.3 2024-07-02 11:01:36 Deep Dive
CVE-2024-6088 LearnPress – WordPress LMS Plugin <= 4.2.6.8.1 - Missing Authorization to Unauthenticated User Registration Bypass thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses Medium 5.3 2024-07-02 11:01:35 Deep Dive
CVE-2024-5483 LearnPress – WordPress LMS Plugin <= 4.2.6.8 - Basic Information Disclosure via JSON API thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses Medium 5.3 2024-06-05 02:34:31 Deep Dive