75k WordPress sites impacted by critical online course plugin flaws

The WordPress online course plugin ‘LearnPress’ was vulnerable to multiple critical-severity flaws, including pre-auth SQL injection and local file inclusion.

LearnPress is a learning management system (LMS) plugin that allows WordPress websites to easily create and sell online courses, lessons, and quizzes, providing visitors with a friendly interface while requiring no coding knowledge from the website developer.

The vulnerabilities in the plugin, used in over 100,000 active sites, were discovered by PatchStack between November 30 and December 2, 2022, and reported to the software…


More Info

About mblog.my

Check Also

Malware campaign compromises over 4,500 WordPress sites | SC Media – SC Media

Military-grade xIoT hacking tools are in use, cybercrime for hire that’s predicated on compromised xIoT …

Leave a Reply

Your email address will not be published. Required fields are marked *