CVE-2024-4444 — Unprotected Alternate Channel in Learnpress

CWE-420 — Unprotected Alternate Channel CWE-862 — Missing Authorization CWE-611 — XML External Entity (XXE) Injection5 documents5 sources

Severity

6.5MEDIUMNVD

CNA5.3GHSA7.5

EPSS

0.9%

top 23.92%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Thimpress Learnpress Thimpress Learnpress Wordpress LMS Plugin FOR Create AND Sell Online Courses

Timeline

PublishedMay 14

Latest updateNov 10

Description

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to bypass to user registration in versions up to, and including, 4.2.6.5. This is due to missing checks in the 'create_account' function in the checkout. This makes it possible for unauthenticated attackers to register as the default role on the site, even if registration is disabled.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:NExploitability: 3.9 | Impact: 2.5

Affected Packages2 packages

▶CVEListV5thimpress/learnpress_wordpress_lms_plugin_for_create_and_sell_online_courses4.2.6.5

▶NVDthimpress/learnpress< 4.2.6.6

🔴Vulnerability Details

GHSA

CycloneDX Core (Java): BOM validation is vulnerable to XML External Entity injection↗2025-11-10

▶

GHSA

GHSA-gwvv-qc8g-gmwc: The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to bypass to user registration in versions up to, and including, 4↗2024-05-14

▶

CVEList

LearnPress – WordPress LMS Plugin <= 4.2.6.5 - Unauthenticated Bypass to User Registration↗2024-05-10

▶

📋Vendor Advisories

Red Hat

cyclonedx-core-java: CycloneDX Core (Java): BOM validation is vulnerable to XML External Entity injection↗2025-11-10

▶