CVE-2025-11368

Name of the Vulnerable Software and Affected Versions LearnPress – WordPress LMS Plugin versions prior to 4.2.9.5

Description The LearnPress – WordPress LMS Plugin for WordPress is affected by a sensitive information disclosure issue. Missing capability checks in the REST endpoint /wp-json/lp/v1/load content via ajax allow arbitrary callback execution of admin-only template methods. This enables unauthenticated attackers to retrieve sensitive educational content, including admin curriculum HTML, quiz questions with correct answers, and course materials, by supplying valid numeric IDs to the REST API endpoint. The vulnerable parameter is the numeric ID supplied to the /wp-json/lp/v1/load content via ajax endpoint.

Recommendations Versions prior to 4.2.9.5 should be updated.