LearnPress <= 4.2.6.3 - Authenticated(LP Instructor+) Stored Cross-Site Scripting

Wordfence Intelligence > Vulnerability Database > LearnPress <= 4.2.6.3 - Authenticated(LP Instructor+) Stored Cross-Site Scripting

4.4

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N

CVE	CVE-2024-1463
CVSS	4.4 (Medium)
Publicly Published	April 4, 2024
Last Updated	April 9, 2024
Researcher	drop

Description

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Course, Lesson, and Quiz title and content in all versions up to, and including, 4.2.6.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with LP Instructor-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Learn more about Cross-Site Scripting vulnerabilities and how to prevent them.

References

plugins.trac.wordpress.org

Vulnerability Details for LearnPress – WordPress LMS Plugin for Create and Sell Online Courses

LearnPress – WordPress LMS Plugin for Create and Sell Online Courses

Software Type	Plugin
Software Slug	learnpress (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 4.2.6.4, or a newer patched version
Affected Version	<= 4.2.6.3
Patched Version	4.2.6.4

Recent vulnerabilities in LearnPress – WordPress LMS Plugin for Create and Sell Online Courses

LearnPress <= 4.3.6 - Unauthenticated Sensitive Information Exposure via 'c_status' and 'return_type' Parameters

5.3

CVE-2026-8502

Jun 5, 2026

Researcher: Jamshed Yergashvoyev (CVE Guy)

LearnPress – WordPress LMS Plugin for Create and Sell Online Courses <= 4.3.6 - Reflected Cross-Site Scripting

6.1

CVE-2026-48865

Jun 1, 2026

Researcher: VanTastic

LearnPress – WordPress LMS Plugin for Create and Sell Online Courses <= 4.3.5 - Authenticated (Subscriber+) Payment Bypass to Free Course Enrollment via 'quantity' Parameter

4.3

CVE-2026-7648

May 13, 2026

Researcher: winrace

LearnPress <= 4.3.2.8 - Missing Authorization to Unauthenticated Arbitrary Quiz Answer Deletion

9.1

CVE-2026-4365

Apr 13, 2026

Researcher: Supakiad S. (m3ez)

LearnPress <= 4.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'skin' Shortcode Attribute

6.4

CVE-2026-4333

Apr 7, 2026

Researcher: zaim

LearnPress <= 4.3.2.8 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Quiz Answer Deletion

4.3

CVE-2026-3225

Mar 23, 2026

Researcher: Jack Pas (Dark.)

LearnPress <= 4.3.2.8 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Email Notification Triggering

4.3

CVE-2026-3226

Mar 11, 2026

Researcher: Jack Pas (Dark.)

LearnPress – WordPress LMS Plugin <= 4.3.2.4 - Missing Authorization to Unauthenticated Sensitive User Information Disclosure via REST API

5.3

CVE-2025-14798

Jan 19, 2026

Researcher: andrea bocchetti

LearnPress – WordPress LMS Plugin <= 4.3.2.2 - Insecure Direct Object Reference to Authenticated (Instructor+) Teacher Material Deletion

5.4

CVE-2025-14802

Jan 6, 2026

Researcher: Deniz Mert (dennywise)

LearnPress – WordPress LMS Plugin <= 4.3.2 - Missing Authentication to Unauthenticated Course Modification

5.3

CVE-2025-13964

Jan 5, 2026

Researcher: Supakiad S. (m3ez)

#	Title	CVE ID	CVSS	Researchers	Date
1	LearnPress <= 4.3.6 - Unauthenticated Sensitive Information Exposure via 'c_status' and 'return_type' Parameters	CVE-2026-8502	5.3	Jamshed Yergashvoyev (CVE Guy)	June 5, 2026
2	LearnPress – WordPress LMS Plugin for Create and Sell Online Courses <= 4.3.6 - Reflected Cross-Site Scripting	CVE-2026-48865	6.1	VanTastic	June 1, 2026
3	LearnPress – WordPress LMS Plugin for Create and Sell Online Courses <= 4.3.5 - Authenticated (Subscriber+) Payment Bypass to Free Course Enrollment via 'quantity' Parameter	CVE-2026-7648	4.3	winrace	May 13, 2026
4	LearnPress <= 4.3.2.8 - Missing Authorization to Unauthenticated Arbitrary Quiz Answer Deletion	CVE-2026-4365	9.1	Supakiad S. (m3ez)	April 13, 2026
5	LearnPress <= 4.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'skin' Shortcode Attribute	CVE-2026-4333	6.4	zaim	April 7, 2026
6	LearnPress <= 4.3.2.8 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Quiz Answer Deletion	CVE-2026-3225	4.3	Jack Pas (Dark.)	March 23, 2026
7	LearnPress <= 4.3.2.8 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Email Notification Triggering	CVE-2026-3226	4.3	Jack Pas (Dark.)	March 11, 2026
8	LearnPress – WordPress LMS Plugin <= 4.3.2.4 - Missing Authorization to Unauthenticated Sensitive User Information Disclosure via REST API	CVE-2025-14798	5.3	andrea bocchetti	January 19, 2026
9	LearnPress – WordPress LMS Plugin <= 4.3.2.2 - Insecure Direct Object Reference to Authenticated (Instructor+) Teacher Material Deletion	CVE-2025-14802	5.4	Deniz Mert (dennywise)	January 6, 2026
10	LearnPress – WordPress LMS Plugin <= 4.3.2 - Missing Authentication to Unauthenticated Course Modification	CVE-2025-13964	5.3	Supakiad S. (m3ez)	January 5, 2026

View more vulnerabilities in this software package View more vulnerabilities

This record contains material that is subject to copyright.

License: Defiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy. Read more.

License: CVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy. Read more.

Have information to add, or spot any errors? Contact us at wfi-support@wordfence.com so we can make any appropriate adjustments.

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation