VYPR
Unrated severityNVD Advisory· Published Dec 13, 2021· Updated Aug 3, 2024

LearnPress < 4.1.4 - Admin+ SQL Injection

CVE-2021-24951

Description

The LearnPress WordPress plugin before 4.1.4 does not sanitise, validate and escape the id parameter before using it in SQL statements when duplicating course/lesson/quiz/question, leading to SQL Injections issues

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.