cleantalk
Vulnerabilities and Security Researches

LearnPress – WordPress LMS Plugin, CVE-2026-48865

CVE, Research URL

CVE-2026-48865

Home page URL

Security reports for LearnPress – WordPress LMS Plugin

Application

LearnPress – WordPress LMS Plugin

Published on
Jun 01, 2026
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress LearnPress allows Reflected XSS. This issue affects LearnPress: from n/a through 4.3.6.
Affected versions
max 4.3.7.
Status
vulnerable
Previous vulnerability researches
Search Everything (CVE-2014-2316) , Jun 07, 2024
Search Everything (CVE-2016-10917) , Jun 07, 2024
Search Everything (CVE-2017-18571) , Jun 07, 2024
Search Everything (CVE-2014-3843) , Jun 07, 2024
New vulnerability
LearnPress – WordPress LMS Plugin (CVE-2026-48865) , Jun 03, 2026
Word Replacer (CVE-2026-3620) , Jun 03, 2026
Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin (CVE-2026-39447) , Jun 03, 2026
Broadcast Live Video – Live Streaming : HTML5, WebRTC, HLS, RTSP, RTMP (CVE-2026-27053) , Jun 03, 2026
Customizable WordPress Gallery Plugin – Modula Image Gallery (CVE-2026-42688) , Jun 03, 2026