CVE-2025-14798 in LearnPress Plugin情報

要約

〜によって MITRE • 2026年01月20日

The LearnPress – WordPress LMS Plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 4.3.2.4 via the get_item_permissions_check function. This makes it possible for unauthenticated attackers to extract sensitive data including user first names and last names. Other information such as social profile links and enrollment are also included.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

公開

2026年01月20日

モデレーション

承諾済み

エントリ

VDB-341787

CPE

準備完了

CWE

CWE-862 (確認済み)

CVSS

5.3 (CNA)

EPSS

0.00067

KEV

いいえ

アクティビティ

非常低い

セクター

Hostingprovider

ソース

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-14798
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-14798
CVE Details	https://www.cvedetails.com/cve/CVE-2025-14798/

◂ 前概要次 ▸

Interested in the pricing of exploits?

See the underground prices here!