Page 2 of 7 results (0.001 seconds)

CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0

Missing Authorization vulnerability in ThimPress LearnPress.This issue affects LearnPress: from n/a through 4.2.3. Vulnerabilidad de autorización faltante en ThimPress LearnPress. Este problema afecta a LearnPress: desde n/a hasta 4.2.3. The LearnPress plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on one of its functions in versions up to, and including, 4.2.3. This makes it possible for unauthenticated attackers to execute this function. • https://patchstack.com/database/vulnerability/learnpress/wordpress-learnpress-plugin-4-2-3-unauthenticated-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •

CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0

Versions below 3.2.6.9 allow an attacker to publish or trash any existing post or page, or even set it to a nonexistent status, at which point it would no longer appear on the site or be accessible from wp-admin, and could only be recovered by modifying its status in the database. • CWE-269: Improper Privilege Management •