CVE-2026-8502

Published: Giu 06, 2026 Last Modified: Giu 06, 2026
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 5,3
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: low
Integrity: none
Availability: none

Description

AI Translation Available

The LearnPress – WordPress LMS Plugin for Create and Sell Online Courses plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.6 via the 'return_type' parameter. This makes it possible for unauthenticated attackers to extract sensitive data including the plaintext post_password of password-protected courses and the full post_content, post_author, and post_name of unpublished draft, private, and pending courses via the unrestricted SELECT * fallback query. Exploitation requires supplying both c_status=all (to bypass the publish-only post_status WHERE clause) and return_type=json (to prevent the safe DISTINCT(ID) AS ID field override) in a single unauthenticated request to the /wp-json/lp/v1/courses/archive-course endpoint.

862

Missing Authorization

Incomplete
Abstraction: Class Structure: Simple
Common Consequences
Security Scopes Affected:
Confidentiality Integrity Access Control Availability
Potential Impacts:
Read Application Data Read Files Or Directories Modify Application Data Modify Files Or Directories Gain Privileges Or Assume Identity Bypass Protection Mechanism Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory) Dos: Resource Consumption (Other)
Applicable Platforms
Technologies: AI/ML, Web Server, Database Server, Not Technology-Specific
Likelihood of Exploit: High
View CWE Details
https://plugins.trac.wordpress.org/browser/learnpress/tags/…
https://plugins.trac.wordpress.org/browser/learnpress/tags/4.3.2.8/inc/Database…
https://plugins.trac.wordpress.org/browser/learnpress/tags/…
https://plugins.trac.wordpress.org/browser/learnpress/tags/4.3.2.8/inc/Database…
https://plugins.trac.wordpress.org/browser/learnpress/tags/…
https://plugins.trac.wordpress.org/browser/learnpress/tags/4.3.2.8/inc/Models/C…
https://plugins.trac.wordpress.org/browser/learnpress/tags/…
https://plugins.trac.wordpress.org/browser/learnpress/tags/4.3.2.8/inc/Models/C…
https://plugins.trac.wordpress.org/browser/learnpress/tags/…
https://plugins.trac.wordpress.org/browser/learnpress/tags/4.3.2.8/inc/rest-api…
https://plugins.trac.wordpress.org/browser/learnpress/tags/…
https://plugins.trac.wordpress.org/browser/learnpress/tags/4.3.2.8/inc/rest-api…
https://plugins.trac.wordpress.org/browser/learnpress/tags/…
https://plugins.trac.wordpress.org/browser/learnpress/tags/4.3.6/inc/Databases/…
https://plugins.trac.wordpress.org/browser/learnpress/tags/…
https://plugins.trac.wordpress.org/browser/learnpress/tags/4.3.6/inc/Databases/…
https://plugins.trac.wordpress.org/browser/learnpress/tags/…
https://plugins.trac.wordpress.org/browser/learnpress/tags/4.3.6/inc/Models/Cou…
https://plugins.trac.wordpress.org/browser/learnpress/tags/…
https://plugins.trac.wordpress.org/browser/learnpress/tags/4.3.6/inc/Models/Cou…
https://plugins.trac.wordpress.org/browser/learnpress/tags/…
https://plugins.trac.wordpress.org/browser/learnpress/tags/4.3.6/inc/rest-api/v…
https://plugins.trac.wordpress.org/browser/learnpress/tags/…
https://plugins.trac.wordpress.org/browser/learnpress/tags/4.3.6/inc/rest-api/v…
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfp…
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&ol…
https://www.wordfence.com/threat-intel/vulnerabilities/id/a…
https://www.wordfence.com/threat-intel/vulnerabilities/id/a32a6ea3-4473-4075-b6…