cleantalk
Vulnerabilities and Security Researches

LearnPress Export Import – WordPress extension for LearnPress, CVE-2025-49992

CVE, Research URL

CVE-2025-49992

Home page URL

Security reports for LearnPress Export Import – WordPress extension for LearnPress

Application

LearnPress Export Import – WordPress extension for LearnPress

Published on
Oct 22, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress LearnPress Export Import learnpress-import-export allows Reflected XSS.This issue affects LearnPress Export Import: from n/a through <= 4.0.9.
Affected versions
max 4.0.9.
Status
vulnerable
Previous vulnerability researches
Team 118GROUP Agent (CVE-2025-23512) , Jan 21, 2025
Luzuk Team (CVE-2024-51871) , Nov 12, 2024
OS Our Team (CVE-2024-52341) , Nov 12, 2024
Inpersttion For Theme (CVE-2025-8905) , Aug 16, 2025
Team Showcase and Slider &#8211; Team Members Builder (CVE-2024-51763) , Nov 08, 2024
New vulnerability
Product Addons &amp; Fields for WooCommerce (CVE-2025-11391) , Nov 10, 2025
Product Addons &amp; Fields for WooCommerce (CVE-2025-11691) , Nov 10, 2025
wpNamedUsers (CVE-2025-48083) , Nov 10, 2025
Colibri Page Builder (CVE-2025-9560) , Nov 10, 2025
WP Snow Effect (CVE-2025-64294) , Nov 10, 2025