cleantalk
Vulnerabilities and Security Researches

LearnPress – WordPress LMS Plugin, CVE-2026-48865

CVE, Research URL

CVE-2026-48865

Home page URL

Security reports for LearnPress – WordPress LMS Plugin

Application

LearnPress – WordPress LMS Plugin

Published on
Jun 01, 2026
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress LearnPress allows Reflected XSS. This issue affects LearnPress: from n/a through 4.3.6.
Affected versions
max 4.3.7.
Status
vulnerable
Previous vulnerability researches
Views for WPForms – Display & Edit WPForms Entries on your site frontend (CVE-2024-0371) , Jun 07, 2024
Views for WPForms – Display & Edit WPForms Entries on your site frontend (CVE-2024-0374) , Jun 07, 2024
Views for WPForms – Display & Edit WPForms Entries on your site frontend (CVE-2024-0372) , Jun 07, 2024
Views for WPForms – Display & Edit WPForms Entries on your site frontend (CVE-2024-0370) , Jun 07, 2024
Views for WPForms – Display & Edit WPForms Entries on your site frontend (CVE-2024-0373) , Jun 07, 2024
New vulnerability
LearnPress – WordPress LMS Plugin (CVE-2026-48865) , Jun 03, 2026
Word Replacer (CVE-2026-3620) , Jun 03, 2026
Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin (CVE-2026-39447) , Jun 03, 2026
Broadcast Live Video – Live Streaming : HTML5, WebRTC, HLS, RTSP, RTMP (CVE-2026-27053) , Jun 03, 2026
Customizable WordPress Gallery Plugin – Modula Image Gallery (CVE-2026-42688) , Jun 03, 2026