Thimpress


Products by Thimpress Sorted by Most Security Vulnerabilities since 2018

Thimpress Learnpress: 65 vulnerabilities

Thimpress Wp Hotel Booking: 17 vulnerabilities

Thimpress Wp Pipes: 4 vulnerabilities

Thimpress Eduma: 3 vulnerabilities

Thimpress Thim Elementor Kit: 3 vulnerabilities

Thimpress Sailing: 2 vulnerabilities

Thimpress Fundpress: 1 vulnerability

Thimpress Realpress: 1 vulnerability

Thimpress Resca: 1 vulnerability

Thimpress Thim Core: 1 vulnerability

By the Year

In 2026 there have been 15 vulnerabilities in Thimpress with an average score of 5.8 out of ten. Last year, in 2025, Thimpress had 30 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that the number of security vulnerabilities in Thimpress in 2026 could surpass last year's number. Last year, the average CVE base score was greater by 0.44.




Year Vulnerabilities Average Score
2026 15 5.79
2025 30 6.23
2024 36 7.41
2023 11 7.31
2022 4 6.63
2021 4 6.47
2020 2 8.80
2019 3 6.47

It may take a day or so for new Thimpress vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Thimpress Security Vulnerabilities

CVE Date Vulnerability Products
CVE-2026-4333 Apr 08, 2026
LearnPress 4.3.3 Stored XSS via skin attribute The LearnPress WordPress LMS Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'skin' attribute of the learn_press_courses shortcode in all versions up to and including 4.3.3. This is due to insufficient input sanitization and output escaping on the 'skin' shortcode attribute. The attribute value is used directly in an sprintf() call that generates HTML (class attribute and data-layout attribute) without any esc_attr() escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Learnpress
CVE-2026-25002 Mar 25, 2026
Auth Bypass in LearnPress Sepay Payment <=4.0.0 (CVE-2026-25002) Authentication Bypass Using an Alternate Path or Channel vulnerability in ThimPress LearnPress – Sepay Payment learnpress-sepay-payment allows Authentication Abuse. This issue affects LearnPress – Sepay Payment: from n/a through <= 4.0.0.
Learnpress
CVE-2026-3225 Mar 23, 2026
LearnPress LMS WP Plugin v4.3.2.8: Missing Cap Check Enables Quiz Answer Delete The LearnPress WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized deletion of quiz question answers due to a missing capability check in the delete_question_answer() function of the EditQuestionAjax class in all versions up to, and including, 4.3.2.8. The AbstractAjax::catch_lp_ajax() dispatcher verifies a wp_rest nonce but performs no current_user_can() check, and the QuestionAnswerModel::delete() method only validates minimum answer counts without checking user capabilities. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete answer options from any quiz question on the site.
Learnpress
CVE-2026-27065 Mar 19, 2026
BuilderPress <=2.0.1 PHP LFI due to improper include/require Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThimPress BuilderPress allows PHP Local File Inclusion. This issue affects BuilderPress: from n/a through 2.0.1.
CVE-2026-1870 Mar 14, 2026
Thim Kit for Elementor 1.3.7 Unauthorized Data Disclosure via REST Endpoint The Thim Kit for Elementor Pre-built Templates & Widgets for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to missing validation checks on the 'thim-ekit/archive-course/get-courses' REST endpoint callback function in all versions up to, and including, 1.3.7. This makes it possible for unauthenticated attackers to disclose private or draft LearnPress course content by supplying post_status in the params_url payload.
CVE-2026-3226 Mar 12, 2026
LearnPress WP LMS Plugin <=4.3.2.8 Unauth Email Trigger The LearnPress WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized email notification triggering due to missing capability checks on all 10 functions in the SendEmailAjax class in all versions up to, and including, 4.3.2.8. The AbstractAjax::catch_lp_ajax() dispatcher verifies a wp_rest nonce but performs no current_user_can() check before dispatching to handler functions. The wp_rest nonce is embedded in the frontend JavaScript for all authenticated users. This makes it possible for authenticated attackers, with Subscriber-level access and above, to trigger arbitrary email notifications to admins, instructors, and users, enabling email flooding, social engineering, and impersonation of admin decisions regarding instructor requests.
Learnpress
CVE-2026-1787 Feb 21, 2026
LearnPress Export Import WP Plugin Unauth Data Delete (4.1.0) The LearnPress Export Import WordPress extension for LearnPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'delete_migrated_data' function in all versions up to, and including, 4.1.0. This makes it possible for unauthenticated attackers to delete courses that have been migrated from Tutor LMS. The Tutor LMS plugin must be installed and activated in order to exploit the vulnerability.
Learnpress
CVE-2026-27050 Feb 19, 2026
ThimPress RealPress realpress CSRF (1.1.0) Cross-Site Request Forgery (CSRF) vulnerability in ThimPress RealPress realpress allows Cross Site Request Forgery. This issue affects RealPress: from n/a through <= 1.1.0.
Realpress
CVE-2026-24361 Jan 22, 2026
CVE-2026-24361: Stored XSS in ThimPress LearnPress Course Review <=4.1.9 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress LearnPress – Course Review learnpress-course-review allows Stored XSS. This issue affects LearnPress – Course Review: from n/a through <= 4.1.9.
Learnpress
CVE-2025-14798 Jan 20, 2026
LearnPress WP LMS PLUGIN <4.3.2.4: Sensitive Info Exposure via get_item_chk The LearnPress WordPress LMS Plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 4.3.2.4 via the get_item_permissions_check function. This makes it possible for unauthenticated attackers to extract sensitive data including user first names and last names. Other information such as social profile links and enrollment are also included.
Learnpress
CVE-2025-13725 Jan 17, 2026
Gutenberg Thim Blocks WP 1.0.1 Arbitrary File Read via iconSVG The Gutenberg Thim Blocks Page Builder, Gutenberg Blocks for the Block Editor plugin for WordPress is vulnerable to arbitrary file reads in all versions up to, and including, 1.0.1. This is due to insufficient path validation in the server-side rendering of the thim-blocks/icon block. This makes it possible for authenticated attackers, with Contributor-level access and above, to read the contents of arbitrary files on the server via the 'iconSVG' parameter, which can contain sensitive information such as wp-config.php.
CVE-2025-14075 Jan 17, 2026
WP Hotel Booking 2.2.7: AJAX Sensitive Data Exposure The WP Hotel Booking plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.7. This is due to the plugin exposing the 'hotel_booking_fetch_customer_info' AJAX action to unauthenticated users without proper capability checks, relying only on a nonce for protection. This makes it possible for unauthenticated attackers to retrieve sensitive customer information including full names, addresses, phone numbers, and email addresses by providing a valid email address and a publicly accessible nonce.
Wp Hotel Booking
CVE-2025-14802 Jan 07, 2026
LearnPress 4.3.2.2 Unauth File Deletion via /wp-json/lp/v1/material The LearnPress WordPress LMS Plugin for WordPress is vulnerable to unauthorized file deletion in versions up to, and including, 4.3.2.2 via the /wp-json/lp/v1/material/{file_id} REST API endpoint. This is due to a parameter mismatch between the DELETE operation and authorization check, where the endpoint uses file_id from the URL path but the permission callback validates item_id from the request body. This makes it possible for authenticated attackers, with teacher-level access, to delete arbitrary lesson material files uploaded by other teachers via sending a DELETE request with their own item_id (to pass authorization) while targeting another teacher's file_id.
Learnpress
CVE-2025-13964 Jan 06, 2026
Unauth. Data Tampering in LearnPress LMS Plugin 4.3.2 on WP The LearnPress WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the catch_lp_ajax function in all versions up to, and including, 4.3.2. This makes it possible for unauthenticated attackers to modify course contents by adding/removing/updating/re-ordering sections or modifying section items.
Learnpress
CVE-2025-53344 Jan 05, 2026
CSRF in Thim Core before 2.3.3 WordPress Cross-Site Request Forgery (CSRF) vulnerability in ThimPress Thim Core allows Cross Site Request Forgery. This issue affects Thim Core: from n/a through 2.3.3.
Thim Core
CVE-2025-66054 Dec 18, 2025
LearnPress WP Plugin Missing Auth Before 4.2.9.4 Missing Authorization vulnerability in ThimPress LearnPress learnpress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects LearnPress: from n/a through <= 4.2.9.4.
Learnpress
CVE-2025-13956 Dec 16, 2025
LearnPress WP LMS Plugin <=4.3.1 Stats Exposure Unauthorized Access The LearnPress WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the statistic function in all versions up to, and including, 4.3.1. This makes it possible for unauthenticated attackers to view the plugin's orders statistics, including total revenue summaries and order status counts.
Learnpress
CVE-2025-14387 Dec 15, 2025
LearnPress LMS Plugin 4.3.1 Stored XSS via Unsanitized Content The LearnPress WordPress LMS Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 4.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Learnpress
CVE-2025-63011 Dec 09, 2025
WP Hotel Booking <=2.2.7 DOM-Based XSS (improper neutralization of input) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress WP Hotel Booking wp-hotel-booking allows DOM-Based XSS. This issue affects WP Hotel Booking: from n/a through <= 2.2.8.
Wp Hotel Booking
CVE-2025-63012 Dec 09, 2025
WP Hotel Booking CSRF via wp-hotel-booking (<=2.2.7) Cross-Site Request Forgery (CSRF) vulnerability in ThimPress WP Hotel Booking wp-hotel-booking allows Cross Site Request Forgery. This issue affects WP Hotel Booking: from n/a through <= 2.2.8.
Wp Hotel Booking
CVE-2025-63013 Dec 09, 2025
WP Hotel Booking <=2.2.7 Sensitive Info Exposure via Unauthorized Control Sphere Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in ThimPress WP Hotel Booking wp-hotel-booking allows Retrieve Embedded Sensitive Data. This issue affects WP Hotel Booking: from n/a through <= 2.2.7.
Wp Hotel Booking
CVE-2025-67594 Dec 09, 2025
Thim Elementor Kit <=1.3.3 Auth Bypass via User-Controlled Key Authorization Bypass Through User-Controlled Key vulnerability in ThimPress Thim Elementor Kit thim-elementor-kit allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Thim Elementor Kit: from n/a through <= 1.3.3.
Thim Elementor Kit
CVE-2025-67573 Dec 09, 2025
Missing Auth in ThimPress Sailing <=4.4.6 Missing Authorization vulnerability in ThimPress Sailing sailing allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Sailing: from n/a through < 4.4.6.
Sailing
CVE-2025-67536 Dec 09, 2025
Stored XSS in ThimPress LearnPress (<=4.2.9.4) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress LearnPress learnpress allows Stored XSS. This issue affects LearnPress: from n/a through <= 4.2.9.4.
Learnpress
CVE-2025-67526 Dec 09, 2025
ThimPress Sailing <4.4.6 - PHP LFI Vulnerability Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThimPress Sailing sailing allows PHP Local File Inclusion. This issue affects Sailing: from n/a through < 4.4.6.
Sailing
CVE-2025-11368 Nov 21, 2025
LearnPress WP LMS Plugin 4.2.9.4 Sensitive Information Disclosure via REST API The LearnPress WordPress LMS Plugin plugin for WordPress is vulnerable to Sensitive Information Disclosure in all versions up to, and including, 4.2.9.4. This is due to missing capability checks in the REST endpoint /wp-json/lp/v1/load_content_via_ajax which allows arbitrary callback execution of admin-only template methods. This makes it possible for unauthenticated attackers to retrieve admin curriculum HTML, quiz questions with correct answers, course materials, and other sensitive educational content via the REST API endpoint granted they can supply valid numeric IDs.
Learnpress
CVE-2025-60200 Nov 06, 2025
LearnPress Export Import <=4.0.9 LFI via PHP Include/Require Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThimPress LearnPress Export Import learnpress-import-export allows PHP Local File Inclusion. This issue affects LearnPress Export Import: from n/a through <= 4.1.2.
Learnpress
CVE-2025-54721 Nov 06, 2025
ThimPress Resca <=3.0.2 Reflected XSS Vulnerability Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress Resca resca allows Reflected XSS. This issue affects Resca: from n/a through <= 3.0.2.
Resca
CVE-2025-64194 Oct 29, 2025
ThimPress Eduma <=5.7.6 Stored XSS in Page Gen Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress Eduma eduma allows Stored XSS. This issue affects Eduma: from n/a through <= 5.7.6.
Eduma
CVE-2025-64195 Oct 29, 2025
ThimPress Eduma <=5.7.6 PHP LFI Vulnerability Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThimPress Eduma eduma allows PHP Local File Inclusion. This issue affects Eduma: from n/a through <= 5.7.6.
Eduma
CVE-2025-60227 Oct 22, 2025
ThimPress WP Pipes 1.4.3 Path Traversal (CVE-2025-60227) Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ThimPress WP Pipes wp-pipes allows Path Traversal. This issue affects WP Pipes: from n/a through <= 1.4.3.
Wp Pipes
CVE-2025-49992 Oct 22, 2025
ThimPress LearnPress Export Import Reflected XSS <=4.0.9 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress LearnPress Export Import learnpress-import-export allows Reflected XSS. This issue affects LearnPress Export Import: from n/a through <= 4.0.9.
Learnpress
CVE-2025-11372 Oct 18, 2025
LearnPress WP LMS Plugin <=4.2.9.2: Unauth Admin Tools REST Mod The LearnPress WordPress LMS Plugin plugin for WordPress is vulnerable to modification of data in all versions up to, and including, 4.2.9.2. This is due to missing capability checks on the Admin Tools REST endpoints which are registered with permission_callback set to __return_true. This makes it possible for unauthenticated attackers to perform destructive database operations including dropping indexes on any table (including WordPress core tables like wp_options), creating duplicate configuration entries, and degrading site performance via the /wp-json/lp/v1/admin/tools/create-indexs endpoint granted they can provide table names.
Learnpress
CVE-2025-57987 Sep 22, 2025
ThimPress WP Events Manager v2.2.1 Missing Auth vulnerability Missing Authorization vulnerability in ThimPress WP Events Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Events Manager: from n/a through 2.2.1.
CVE-2024-13127 May 15, 2025
LearnPress WP Plugin <4.2.7.5.1 Stored XSS via Unsanitised Settings The LearnPress WordPress plugin before 4.2.7.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Learnpress
CVE-2024-13128 May 15, 2025
LearnPress WP Plugin <4.2.7.5.1: Stored XSS via Unsanitised Settings The LearnPress WordPress plugin before 4.2.7.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Learnpress
CVE-2025-47448 May 07, 2025
CSRF in ThimPress WP Hotel Booking <=2.1.9 Cross-Site Request Forgery (CSRF) vulnerability in ThimPress WP Hotel Booking allows Cross Site Request Forgery. This issue affects WP Hotel Booking: from n/a through 2.1.9.
Wp Hotel Booking
CVE-2025-22739 Mar 27, 2025
ThimPress LearnPress: Missing Auth CVE-2025-22739 <=4.2.7.5 Missing Authorization vulnerability in ThimPress LearnPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects LearnPress: from n/a through 4.2.7.5.
Learnpress
CVE-2025-24740 Jan 27, 2025
LearnPress Open-Redirect via URL to Untrusted Site (4.2.7.1) URL Redirection to Untrusted Site ('Open Redirect') vulnerability in ThimPress LearnPress learnpress. This issue affects LearnPress: from n/a through <= 4.2.7.1.
Learnpress
CVE-2025-24601 Jan 27, 2025
ThimPress FundPress Object Injection via Deserialization (<=2.0.6) Deserialization of Untrusted Data vulnerability in ThimPress FundPress fundpress allows Object Injection. This issue affects FundPress: from n/a through <= 2.0.6.
Fundpress
CVE-2024-13599 Jan 25, 2025
LearnPress WP LMS Plugin <=4.2.7.5 XSS via lesson name (LP Instructor+) The LearnPress WordPress LMS Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 4.2.7.5 due to insufficient input sanitization and output escaping of a lesson name. This makes it possible for authenticated attackers, with LP Instructor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Learnpress
CVE-2025-24725 Jan 24, 2025
Missing Auth in Thim Elementor Kit (1.2.8) Enables Arbitrary Access Missing Authorization vulnerability in ThimPress Thim Elementor Kit thim-elementor-kit allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Thim Elementor Kit: from n/a through <= 1.2.8.
Thim Elementor Kit
CVE-2024-13447 Jan 22, 2025
WP Hotel Booking 2.1.6 Unauthorized Access via AJAX Subscriber The WP Hotel Booking plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the hotel_booking_load_order_user AJAX action in all versions up to, and including, 2.1.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to retrieve a list of registered user emails.
Wp Hotel Booking
CVE-2024-12370 Jan 17, 2025
WP Hotel Booking <=2.1.5: Cap check missing in addroom The WP Hotel Booking plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check when adding rooms in all versions up to, and including, 2.1.5. This makes it possible for unauthenticated attackers to add rooms with custom prices.
Wp Hotel Booking
CVE-2025-22312 Jan 07, 2025
DOM-Based XSS in Thim Elementor Kit before 1.2.9 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress Thim Elementor Kit thim-elementor-kit allows DOM-Based XSS. This issue affects Thim Elementor Kit: from n/a through <= 1.2.9.
Thim Elementor Kit
CVE-2024-9881 Dec 12, 2024
LearnPress WP Plugin 4.2.7.2 Stored XSS via Unsanitized Settings The LearnPress WordPress plugin before 4.2.7.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Learnpress
CVE-2024-10010 Dec 12, 2024
LearnPress WP 4.2.7.2 - Stored XSS via Unsanitized Settings The LearnPress WordPress plugin before 4.2.7.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Learnpress
CVE-2024-12283 Dec 11, 2024
Reflected XSS Vulnerability in WP Pipes Plugin The WP Pipes plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the x1 parameter in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Wp Pipes
CVE-2024-11868 Dec 10, 2024
LearnPress WordPress LMS Plugin: Sensitive Information Exposure in REST API The LearnPress WordPress LMS Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.2.7.3 via class-lp-rest-material-controller.php. This makes it possible for unauthenticated attackers to extract potentially sensitive paid course material.
Learnpress
CVE-2024-9609 Nov 15, 2024
Reflected XSS Vulnerability in LearnPress Export Import WordPress Plugin The LearnPress Export Import WordPress extension for LearnPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'learnpress_import_form_server' parameter in all versions up to, and including, 4.0.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Learnpress Export Import
Built by Foundeo Inc., with data from the National Vulnerability Database (NVD).