Thimpress

Learnpress

63 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2022-45808

Exploit
  • EPSS 83.57%
  • Veröffentlicht 26.01.2023 21:17:54
  • Zuletzt bearbeitet 21.11.2024 07:29:45

SQL Injection vulnerability in LearnPress – WordPress LMS Plugin <= 4.1.7.3.2 versions.

8.1

CVE-2022-3360

Exploit
  • EPSS 15.16%
  • Veröffentlicht 31.10.2022 16:15:11
  • Zuletzt bearbeitet 06.05.2025 21:15:53

The LearnPress WordPress plugin before 4.1.7.2 unserialises user input in a REST API endpoint available to unauthenticated users, which could lead to PHP Object Injection when a suitable gadget is present, leadint to remote code execution (RCE). To s...

6.1

CVE-2022-0271

Exploit
  • EPSS 4.16%
  • Veröffentlicht 11.04.2022 15:15:08
  • Zuletzt bearbeitet 21.11.2024 06:38:16

The LearnPress WordPress plugin before 4.1.6 does not sanitise and escape the lp-dismiss-notice before outputting it back via the lp_background_single_email AJAX action, leading to a Reflected Cross-Site Scripting

4.3

CVE-2022-0377

Exploit
  • EPSS 3.04%
  • Veröffentlicht 28.02.2022 09:15:09
  • Zuletzt bearbeitet 21.11.2024 06:38:29

Users of the LearnPress WordPress plugin before 4.1.5 can upload an image as a profile avatar after the registration. After this process the user crops and saves the image. Then a "POST" request that contains user supplied name of the image is sent ...

9.8

CVE-2021-24951

Exploit
  • EPSS 0.55%
  • Veröffentlicht 13.12.2021 11:15:09
  • Zuletzt bearbeitet 21.11.2024 05:54:04

The LearnPress WordPress plugin before 4.1.4 does not sanitise, validate and escape the id parameter before using it in SQL statements when duplicating course/lesson/quiz/question, leading to SQL Injections issues

4.8

CVE-2021-39348

Exploit
  • EPSS 0.65%
  • Veröffentlicht 21.10.2021 20:15:07
  • Zuletzt bearbeitet 21.11.2024 06:19:22

The LearnPress WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping on the $custom_profile parameter found in the ~/inc/admin/views/backend-user-profile.php file which allowed attackers with administrative user a...

4.8

CVE-2021-24702

Exploit
  • EPSS 0.21%
  • Veröffentlicht 18.10.2021 14:15:09
  • Zuletzt bearbeitet 21.11.2024 05:53:35

The LearnPress WordPress plugin before 4.1.3.1 does not properly sanitize or escape various inputs within course settings, which could allow high privilege users to perform Cross-Site Scripting attacks when the unfiltred_html capability is disallowed

8.1

CVE-2020-11511

Exploit
  • EPSS 2.82%
  • Veröffentlicht 30.07.2021 14:15:12
  • Zuletzt bearbeitet 21.11.2024 04:58:02

The LearnPress plugin before 3.2.6.9 for WordPress allows remote attackers to escalate the privileges of any user to LP Instructor via the accept-to-be-teacher action parameter.

8.8

CVE-2020-6010

Exploit
  • EPSS 51.51%
  • Veröffentlicht 30.04.2020 15:15:12
  • Zuletzt bearbeitet 21.11.2024 05:34:58

LearnPress Wordpress plugin version prior and including 3.2.6.7 is vulnerable to SQL Injection

6.5

CVE-2020-7916

  • EPSS 0.38%
  • Veröffentlicht 16.03.2020 18:15:13
  • Zuletzt bearbeitet 21.11.2024 05:38:00

be_teacher in class-lp-admin-ajax.php in the LearnPress plugin 3.2.6.5 and earlier for WordPress allows any registered user to assign itself the teacher role via the wp-admin/admin-ajax.php?action=learnpress_be_teacher URI without any additional perm...