Unauthenticated SQL Injection in LearnPress WordPress LMS Plugin 4.2.7
The LearnPress – WordPress LMS Plugin is vulnerable to SQL injection through the 'c_only_fields' parameter of the /wp-json/learnpress/v1/courses REST API endpoint. All versions up to and including 4.2.7 are affected. The issue arises because the user-supplied parameter is not properly escaped and the existing SQL query is not adequately prepared. This allows unauthenticated attackers to append additional SQL to existing queries, potentially extracting sensitive data from the database.
Vulnerable Product: thimpress learnpress
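One way to review web server access logs for requests that misuse this parameter, as an added example (not code from the advisory or from LearnPress). It assumes combined-log-format lines and that a legitimate `c_only_fields` value is a comma-separated list of plain field names; the sample log lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

ROUTE = "/learnpress/v1/courses"   # REST route named in the advisory
PARAM = "c_only_fields"            # parameter named in the advisory
# Assumption: a legitimate value is a comma-separated list of plain field names.
SAFE_VALUE = re.compile(r"[A-Za-z0-9_]+(?:,[A-Za-z0-9_]+)*")
# Combined log format: client address first, request line in double quotes.
REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2025:10:00:00 +0000] '
    '"GET /wp-json/learnpress/v1/courses?c_only_fields=ID,post_title HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Jan/2025:10:00:05 +0000] '
    '"GET /wp-json/learnpress/v1/courses?c_only_fields=ID%2Cpost_title%20%28x%29 HTTP/1.1" 200 498',
    '203.0.113.4 - - [01/Jan/2025:10:00:09 +0000] '
    '"GET /?rest_route=/learnpress/v1/courses&c_only_fields=ID%27 HTTP/1.1" 200 87',
    '192.0.2.10 - - [01/Jan/2025:10:00:12 +0000] '
    '"GET /wp-json/wp/v2/posts?c_only_fields=ID%27 HTTP/1.1" 200 90',
]

def targets_route(parts, query):
    """True for .../wp-json/<route> and for WordPress's ?rest_route=<route> form."""
    if parts.path.rstrip("/").endswith("/wp-json" + ROUTE):
        return True
    return any(v.rstrip("/") == ROUTE for v in query.get("rest_route", []))

def suspicious_requests(lines):
    """Return (client, decoded_value) for every c_only_fields value sent to the
    courses route that is not a plain comma-separated identifier list."""
    hits = []
    for line in lines:
        m = REQUEST.match(line)
        if not m:
            continue  # not a request line this parser understands
        client, target = m.groups()
        parts = urlsplit(target)
        query = parse_qs(parts.query, keep_blank_values=True)  # percent-decodes values
        if not targets_route(parts, query):
            continue
        for value in query.get(PARAM, []):  # repeated parameters are all checked
            if not SAFE_VALUE.fullmatch(value):
                hits.append((client, value))
    return hits

if __name__ == "__main__":
    for client, value in suspicious_requests(SAMPLE_LOG):
        print(f"{client}\t{PARAM}={value!r}")
```

Access logs record only the query string, so a value sent in a request body is not visible to this check.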