Vulnerabilities > Thimpress > Learnpress > 4.1.3.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-13 | CVE-2021-24951 | SQL Injection vulnerability in Thimpress Learnpress The LearnPress WordPress plugin before 4.1.4 does not sanitise, validate and escape the id parameter before using it in SQL statements when duplicating course/lesson/quiz/question, leading to SQL Injections issues | 7.5 |