Medium severity5.3NVD Advisory· Published Dec 10, 2024· Updated Apr 8, 2026
CVE-2024-11868
CVE-2024-11868
Description
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.2.7.3 via class-lp-rest-material-controller.php. This makes it possible for unauthenticated attackers to extract potentially sensitive paid course material.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:thimpress:learnpress:*:*:*:*:*:wordpress:*:*+ 1 more
- cpe:2.3:a:thimpress:learnpress:*:*:*:*:*:wordpress:*:*range: <4.2.7.4
- (no CPE)range: <=4.2.7.3
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.