CVE-2025-14387 | LearnPress Plugin up to 4.3.1 on WordPress get_profile_social cross site scripting

Inserito da Angelo Barbosa | Dic 15, 2025 | CVE

A vulnerability was found in LearnPress Plugin up to 4.3.1 on WordPress. It has been classified as problematic. The impacted element is the function get_profile_social. Performing manipulation results in cross site scripting.

This vulnerability was named CVE-2025-14387. The attack may be initiated remotely. There is no available exploit.

CVE-2025-14387 | LearnPress Plugin up to 4.3.1 on WordPress get_profile_social cross site scripting

Post correlati

CVE-2024-11980 | Billion Electric M100/M150/M120N/M500 prior 1.04.1.592.8/1.04.1.675/1.04.613.13 missing authentication

CVE-2024-39844 | ZNC up to 1.9.0 modtcl Privilege Escalation

CVE-2024-0804 | Google Chrome prior 121.0.6167.85 iOS Security UI Privilege Escalation

CVE-2024-8376 | Eclipse Mosquitto up to 2.0.18 Packet memory leak