{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-24361", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-01-22T14:42:24.567Z", "datePublished": "2026-01-22T16:52:44.475Z", "dateUpdated": "2026-04-28T16:14:48.025Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "learnpress-course-review", "product": "LearnPress \u2013 Course Review", "vendor": "ThimPress", "versions": [{"changes": [{"at": "4.2.0", "status": "unaffected"}], "lessThanOrEqual": "4.1.9", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Arif Shaikh | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-01T16:05:14.436Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress LearnPress \u2013 Course Review learnpress-course-review allows Stored XSS.<p>This issue affects LearnPress \u2013 Course Review: from n/a through <= 4.1.9.</p>"}], "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress LearnPress \u2013 Course Review learnpress-course-review allows Stored XSS.This issue affects LearnPress \u2013 Course Review: from n/a through <= 4.1.9."}], "impacts": [{"capecId": "CAPEC-592", "descriptions": [{"lang": "en", "value": "Stored XSS"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-28T16:14:48.025Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/learnpress-course-review/vulnerability/wordpress-learnpress-course-review-plugin-4-1-9-cross-site-scripting-xss-vulnerability?_s_id=cve"}], "title": "WordPress LearnPress \u2013 Course Review plugin <= 4.1.9 - Cross Site Scripting (XSS) vulnerability"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-22T20:35:46.838310Z", "id": "CVE-2026-24361", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-28T13:59:42.652Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-24361", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-01-22T14:42:24.567Z", "datePublished": "2026-01-22T16:52:44.475Z", "dateUpdated": "2026-04-28T13:59:42.652Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "learnpress-course-review", "product": "LearnPress &#8211; Course Review", "vendor": "ThimPress", "versions": [{"changes": [{"at": "4.2.0", "status": "unaffected"}], "lessThanOrEqual": "4.1.9", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Arif Shaikh | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-28T13:26:16.707Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress LearnPress &#8211; Course Review learnpress-course-review allows Stored XSS.<p>This issue affects LearnPress &#8211; Course Review: from n/a through <= 4.1.9.</p>"}], "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress LearnPress &#8211; Course Review learnpress-course-review allows Stored XSS.This issue affects LearnPress &#8211; Course Review: from n/a through <= 4.1.9."}], "impacts": [{"capecId": "CAPEC-592", "descriptions": [{"lang": "en", "value": "Stored XSS"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-28T12:10:44.642Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/learnpress-course-review/vulnerability/wordpress-learnpress-course-review-plugin-4-1-9-cross-site-scripting-xss-vulnerability?_s_id=cve"}], "title": "WordPress LearnPress \u2013 Course Review plugin <= 4.1.9 - Cross Site Scripting (XSS) vulnerability"}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-24361", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-22T20:35:46.838310Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-22T20:34:47.018Z"}}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress LearnPress \u2013 Course Review learnpress-course-review allows Stored XSS.This issue affects LearnPress \u2013 Course Review: from n/a through <= 4.1.9."}, {"lang": "es", "value": "Neutralizaci\u00f3n Incorrecta de la Entrada Durante la Generaci\u00f3n de P\u00e1ginas Web ('cross-site scripting') vulnerabilidad en ThimPress LearnPress - Course Review learnpress-course-review permite XSS Almacenado. Este problema afecta a LearnPress - Course Review: desde n/a hasta &lt;= 4.1.9."}], "id": "CVE-2026-24361", "lastModified": "2026-04-28T19:36:46.270", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 3.7, "source": "audit@patchstack.com", "type": "Secondary"}]}, "published": "2026-01-22T17:16:39.820", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Plugin/learnpress-course-review/vulnerability/wordpress-learnpress-course-review-plugin-4-1-9-cross-site-scripting-xss-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-29T00:57:38.787485+00:00", "value": {"mitigation_remediation": ["Update the LearnPress \u2013 Course Review plugin to the latest available version (greater than 4.1.9) or a patched release that properly sanitizes review input.", "If an upgrade is not immediately possible, disable or remove the review feature from the site or restrict review submission to trusted users only.", "Apply additional sanitization by filtering or escaping review content during output; for example, ensure the plugin uses WordPress\u2019s wp_kses or sanitize_comment_text() functions to neutralize potentially dangerous input."], "summary": {"action": "Patch", "impact": "Stored Cross-site Scripting (client\u2011side code injection)"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the ThimPress LearnPress \u2013 Course Review WordPress plugin for all releases up through version\u202f4.1.9. No more recent versions are covered by this description.", "description_and_impact": "Improper neutralization of input during web page generation in ThimPress LearnPress \u2013 Course Review plugin allows stored cross\u2011site scripting. Review text is stored without sanitization, so an attacker can submit a review containing malicious JavaScript that will execute in the browsers of any visitor who views the review. This client\u2011side code injection can lead to credential theft, session hijacking, or defacement. The vulnerability is classified as CWE\u201179 and affects all releases through version 4.1.9.", "risk_and_exploitability": "The CVSS base score of 6.5 indicates a medium severity issue, while the EPSS of less than 1% points to a low likelihood of exploitation at the time of analysis. The flaw resides in the browser context; an attacker only needs to submit a review containing malicious script, which will then run whenever other users view that review. The vulnerability is not currently listed in CISA\u2019s KEV catalog and there is no advanced attack surface beyond the browser. Overall, the risk is moderate but the exploitation probability is relatively low."}}}}, "created": "2026-01-23T16:27:52.415677+00:00", "updated": "2026-04-29T01:00:11.414822+00:00", "vendors": ["thimpress", "thimpress$PRODUCT$learnpress", "wordpress", "wordpress$PRODUCT$wordpress"]}