LearnPress Security Vulnerabilities Detected

  • Resolved Frank B.

    (@frankbiganski)


    2 months, 1 week ago

    Hiya,

    I just received this email from my Cloudways hosting provider.

    “We are writing to inform you about a critical matter related to your website’s security. Our vulnerability detection system (powered by patchstack.com) has detected potential security vulnerabilities in your website application. Here are the detected vulnerabilities in your application:

    • WordPress LearnPress – WordPress LMS Plugin plugin <= 4.2.7 – Unauthenticated SQL Injection via ‘c_only_fields’ vulnerability

    Or was this just fixed in the latest update.

    • This topic was modified 2 months, 1 week ago by Frank B..
Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support brianvu-tp

    (@briantp)

    Hiya Frank B,

    Thank you for reaching out.

    You are correct. The security vulnerability regarding the unauthenticated SQL injection via the c_only_fields parameter has been fixed in the latest LearnPress update. We highly recommend updating to the latest version to ensure your site remains secure.

    If you have any further concerns or need assistance with the update, feel free to let us know!

    Best regards,
    Brianvu-tp

    Plugin Support brianvu-tp

    (@briantp)

    Hi Frank B,

    We hope you’re satisfied with the response provided. Since we don’t receive your reply after a month, we will close the ticket for now.

    If you encounter any further problems or have new questions, please don’t hesitate to open a new ticket here. Thank you so much for contacting our support team.

    Thanks & Regards,
    LearnPress – Customer Support

    Thread Starter Frank B.

    (@frankbiganski)

    Thank you!

Viewing 3 replies - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.