CVE-2025-14798
Unknown Unknown - Not Provided
Sensitive Information Exposure in LearnPress Plugin Allows Data Leak

Publication date: 2026-01-20

Last updated on: 2026-01-20

Assigner: Wordfence

Description
The LearnPress – WordPress LMS Plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 4.3.2.4 via the get_item_permissions_check function. This makes it possible for unauthenticated attackers to extract sensitive data including user first names and last names. Other information such as social profile links and enrollment are also included.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-20
Last Modified
2026-01-20
Generated
2026-06-16
AI Q&A
2026-01-20
EPSS Evaluated
2026-06-15
NVD
CVE-2025-14798
EUVD
EUVD-2026-3479
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
thimpress learnpress to 4.3.2.4 (inc)
thimpress learnpress 4.3.2.1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-14798 is a vulnerability in the LearnPress WordPress LMS plugin (up to version 4.3.2.4) where unauthenticated attackers can access sensitive user information such as first names, last names, social profile links, and enrollment data via the get_item_permissions_check function. Additionally, the plugin's REST API has a critical flaw in the password reset endpoint, which lacks proper permission checks, allowing anyone to trigger password reset emails for any user without authentication. This can lead to unauthorized access or account takeover. [2]

Impact Analysis

This vulnerability can expose sensitive personal information of users to unauthenticated attackers, compromising user privacy. Moreover, the exposed password reset endpoint allows attackers to initiate password resets for arbitrary users, potentially enabling account takeovers through phishing or social engineering attacks. This can lead to unauthorized access to user accounts and possible site compromise. [2]

Detection Guidance

This vulnerability can be detected by checking if the LearnPress plugin version is up to and including 4.3.2.4 and by testing the accessibility of the REST API password reset endpoint which has no authentication. You can use curl or similar tools to send a POST request to the /reset-password REST API endpoint and observe if it allows unauthenticated password reset requests. Example command: curl -X POST https://yourwordpresssite.com/wp-json/learnpress/v1/users/reset-password -d '{"username":"targetusername"}' -H 'Content-Type: application/json' -v. If the request succeeds without authentication, the vulnerability is present. [2]

Mitigation Strategies

Immediate mitigation steps include updating the LearnPress plugin to a version later than 4.3.2.4 where this vulnerability is fixed. If an update is not immediately possible, restrict access to the REST API endpoints related to user management, especially the password reset endpoint, by implementing authentication or IP restrictions. Additionally, monitor for suspicious password reset requests and consider disabling the vulnerable REST API endpoints temporarily. [2]

Compliance Impact

The vulnerability allows unauthenticated attackers to access sensitive user information such as first names, last names, social profile links, and enrollment data. Exposure of such personal data can lead to non-compliance with data protection regulations like GDPR and HIPAA, which require safeguarding personal and sensitive information against unauthorized access. Therefore, this vulnerability negatively impacts compliance with these common standards and regulations by risking unauthorized disclosure of personal data. [2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-14798. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart