CVE-2021-39348
LearnPress – WordPress LMS Plugin <= 4.1.3.1 Authenticated Stored Cross-Site Scripting
The LearnPress WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping on the $custom_profile parameter found in the ~/inc/admin/views/backend-user-profile.php file, which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 4.1.3.1. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. Please note that this is separate from CVE-2021-24702.
We have discovered 9 live websites that are affected by CVE-2021-39348.
Affected Software
| | |
|---|---|
| Product | LearnPress |
| Category | WordPress Plugins |
| Vulnerable Versions | from 4.1.3.1 through 4.1.3.1 |
| Total Vulnerable Versions | 156 |
| Vulnerable Domains | 9 live websites (0.10% of LearnPress install base) |
Common Weakness Enumeration
CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)