Sensitive Information Exposure in LearnPress LMS Plugin for WordPress
CVE-2026-8502

5.3MEDIUM

What is CVE-2026-8502?

The LearnPress plugin for WordPress, used for creating and selling online courses, is susceptible to a sensitive information exposure vulnerability. This issue allows unauthenticated users to extract sensitive data through the 'return_type' parameter. Attackers can obtain plaintext post passwords for password-protected courses and access full details of unpublished drafts, including post content and metadata. The exploitation of this vulnerability is facilitated by sending a specific request to the /wp-json/lp/v1/courses/archive-course endpoint, demanding both c_status=all and return_type=json to bypass the site's security measures.

Affected Version(s)

LearnPress – WordPress LMS Plugin for Create and Sell Online Courses 0 <= 4.3.6

References

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Jamshed Yergashvoyev
.