CVE-2024-39641

CWE-352Cross-Site Request Forgery (CSRF)3 documents3 sources
Severity
8.8HIGH
EPSS
0.2%
top 63.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Thimpress Learnpress
Timeline
PublishedAug 26

Description

Cross-Site Request Forgery (CSRF) vulnerability in ThimPress LearnPress.This issue affects LearnPress: from n/a through 4.2.6.8.2.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

NVDthimpress/learnpress< 4.2.6.9
CVEListV5thimpress/learnpressn/a4.2.6.8.2

🔴Vulnerability Details

2
GHSA
GHSA-j7m9-gwcg-6hp9: Cross-Site Request Forgery (CSRF) vulnerability in ThimPress LearnPress2024-08-26
CVEList
WordPress LearnPress plugin <= 4.2.6.8.2 - Cross Site Request Forgery (CSRF) vulnerability2024-08-26