Vulnerabilities > Thimpress > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-22 | CVE-2021-36852 | Unspecified vulnerability in Thimpress WP Hotel Booking Cross-Site Request Forgery (CSRF) vulnerability in ThimPress WP Hotel Booking plugin <= 1.10.5 at WordPress. | 8.0 |
| 2021-07-30 | CVE-2020-11511 | Missing Authorization vulnerability in Thimpress Learnpress The LearnPress plugin before 3.2.6.9 for WordPress allows remote attackers to escalate the privileges of any user to LP Instructor via the accept-to-be-teacher action parameter. | 8.1 |
| 2020-04-30 | CVE-2020-6010 | SQL Injection vulnerability in Thimpress Learnpress LearnPress Wordpress plugin version prior and including 3.2.6.7 is vulnerable to SQL Injection | 8.8 |
| 2019-01-09 | CVE-2018-16175 | SQL Injection vulnerability in Thimpress Learnpress SQL injection vulnerability in the LearnPress prior to version 3.1.0 allows attacker with administrator rights to execute arbitrary SQL commands via unspecified vectors. | 7.2 |