CVE-2026-3079

Name of the Vulnerable Software and Affected Versions LearnDash LMS plugin for WordPress versions prior to 5.0.4

Description The software is susceptible to a blind time-based SQL injection through the filters[orderby order] parameter within the 'learndash propanel template' AJAX action. This is a result of inadequate escaping of user-supplied input and insufficient preparation of the existing SQL query. Authenticated attackers with Contributor-level access or higher can append additional SQL queries to existing ones, potentially allowing them to extract sensitive information from the database.

Recommendations Update to LearnDash LMS plugin version 5.0.4 or later.