CVE-2025-14798 in LearnPress Plugininfo

Zusammenfassung

von MITRE • 20.01.2026

The LearnPress – WordPress LMS Plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 4.3.2.4 via the get_item_permissions_check function. This makes it possible for unauthenticated attackers to extract sensitive data including user first names and last names. Other information such as social profile links and enrollment are also included.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Veröffentlichung

20.01.2026

Moderieren

akzeptiert

Eintrag

VDB-341787

CPE

bereit

CWE

CWE-862 (bestätigt)

CVSS

5.3 (CNA)

EPSS

0.00067

KEV

nein

Aktivitäten

very low

Sektor

Hostingprovider

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-14798
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-14798
CVE Details	https://www.cvedetails.com/cve/CVE-2025-14798/

◂ Zurück Übersicht Weiter ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!