CVE-2025-67536

Name of the Vulnerable Software and Affected Versions LearnPress versions through 4.2.9.4

Description The software contains a flaw due to improper neutralization of input during web page generation, which allows for Stored Cross-site Scripting (XSS). This can potentially allow an attacker to inject malicious scripts into web pages viewed by other users. The affected component is susceptible to exploitation through crafted input.

Recommendations Update LearnPress to a version later than 4.2.9.4.