CVE-2026-3226

EPSS 0.2%
Veröffentlicht 12.03.2026 02:22:37
Zuletzt bearbeitet 22.04.2026 21:30:26
Quelle security@wordfence.com
CVE-Watchlists
Login
Unerledigt
Login

LearnPress <= 4.3.2.8 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Email Notification Triggering

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized email notification triggering due to missing capability checks on all 10 functions in the SendEmailAjax class in all versions up to, and including, 4.3.2.8. The AbstractAjax::catch_lp_ajax() dispatcher verifies a wp_rest nonce but performs no current_user_can() check before dispatching to handler functions. The wp_rest nonce is embedded in the frontend JavaScript for all authenticated users. This makes it possible for authenticated attackers, with Subscriber-level access and above, to trigger arbitrary email notifications to admins, instructors, and users, enabling email flooding, social engineering, and impersonation of admin decisions regarding instructor requests.

Mögliche Gegenmaßnahme

LearnPress – WordPress LMS Plugin for Create and Sell Online Courses: Update to version 4.3.3, or a newer patched version

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 9

CNA 1 VulnDex Vulnerability Enrichment 2

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

Herstellerthimpress

≫

Produkt LearnPress – WordPress LMS Plugin for Create and Sell Online Courses

Default Statusunaffected

Version <= 4.3.2.8

Version 0

Status affected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Weitere Schwachstelleninformationen

SystemWordPress Plugin

≫

Produkt LearnPress – WordPress LMS Plugin for Create and Sell Online Courses

Version *-4.3.2.8

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.2%	0.098

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
security@wordfence.com	4.3	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

CWE-862 Missing Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

https://www.wordfence.com/threat-intel/vulnerabilities/id/520018db-d33b-4f2c-aaa5-611de792e11f?source=cve

https://plugins.trac.wordpress.org/browser/learnpress/tags/4.3.2.7/inc/class-lp-assets.php#L123

https://plugins.trac.wordpress.org/browser/learnpress/tags/4.3.2.7/inc/Ajax/SendEmailAjax.php#L40

https://plugins.trac.wordpress.org/browser/learnpress/tags/4.3.2.7/inc/Ajax/AbstractAjax.php#L17

https://plugins.trac.wordpress.org/changeset?old_path=/learnpress/tags/4.3.2.7/inc/Ajax/SendEmailAjax.php&new_path=/learnpress/tags/4.3.3/inc/Ajax/SendEmailAjax.php

https://www.wordfence.com/threat-intel/vulnerabilities/id/520018db-d33b-4f2c-aaa5-611de792e11f

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2026-3226

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-3226

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-3226

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-3226