CVE-2025-13956 Scanner

LearnPress is a popular Learning Management System (LMS) plugin for WordPress, designed to facilitate the creation and management of online courses and educational content. Developed by ThimPress, it is used by educational institutions, online course providers, and individual educators. The plugin allows users to create lessons, quizzes, and assignments with ease. The intuitive interface and integration with WordPress make it an accessible option for those looking to launch online learning platforms. Additionally, its wealth of features supports user engagement and course monetization. LearnPress is extensible with add-ons, allowing for a customized learning environment.

The Information Disclosure vulnerability in LearnPress arises due to a lack of proper capability checks on certain functions. This flaw allows unauthenticated attackers to access sensitive data within the plugin. Specifically, they can view order statistics such as total revenue summaries and order status counts. The vulnerability affects LearnPress versions up to and including 4.3.1. By exploiting this security flaw, attackers gain unauthorized insight into financial and transactional metrics. This issue underscores the importance of maintaining robust access controls to protect sensitive information.

Technically, this vulnerability manifests due to the missing capability check on the statistics function within LearnPress. The vulnerable endpoint, reachable via a GET request at '/wp-json/lp/v1/orders/statistic', lacks proper authorization mechanisms. The response includes sensitive information like "total-raised" and "order-completed" if the attacker can satisfy specific conditions related to the response body and status code. The flaw highlights a critical gap in access control, allowing unauthorized users to retrieve confidential data. Ensuring proper verification and limiting access to authenticated users is essential for preventing such issues.

Potential consequences of exploiting this vulnerability include unauthorized access to sensitive financial data. An attacker could use the disclosed information to gain insights into business operations, potentially leading to competitive disadvantages. The exposure of revenue data and order status could also lead to financial losses if exploited for nefarious purposes. Furthermore, this breach of information can undermine customer trust, damaging the brand's reputation. It stresses the need for immediate remediation and continuous security assessments to prevent unauthorized data exposure.

REFERENCES

• https://wpscan.com/vulnerability/b4c0e309-45d1-4b00-875d-ec8a76910253/
• https://nvd.nist.gov/vuln/detail/CVE-2025-13956