{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-25002", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-01-28T09:50:57.103Z", "datePublished": "2026-03-25T16:14:36.682Z", "dateUpdated": "2026-04-29T09:51:56.664Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "learnpress-sepay-payment", "product": "LearnPress \u2013 Sepay Payment", "vendor": "ThimPress", "versions": [{"changes": [{"at": "4.0.1", "status": "unaffected"}], "lessThanOrEqual": "4.0.0", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Arif Shaikh | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-22T14:18:27.555Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in ThimPress LearnPress \u2013 Sepay Payment learnpress-sepay-payment allows Authentication Abuse.<p>This issue affects LearnPress \u2013 Sepay Payment: from n/a through <= 4.0.0.</p>"}], "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in ThimPress LearnPress \u2013 Sepay Payment learnpress-sepay-payment allows Authentication Abuse.This issue affects LearnPress \u2013 Sepay Payment: from n/a through <= 4.0.0."}], "impacts": [{"capecId": "CAPEC-114", "descriptions": [{"lang": "en", "value": "Authentication Abuse"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-288", "description": "Authentication Bypass Using an Alternate Path or Channel", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-29T09:51:56.664Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/learnpress-sepay-payment/vulnerability/wordpress-learnpress-sepay-payment-plugin-4-0-0-broken-authentication-vulnerability?_s_id=cve"}], "title": "WordPress LearnPress \u2013 Sepay Payment plugin <= 4.0.0 - Broken Authentication vulnerability"}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-26T18:50:36.879223Z", "id": "CVE-2026-25002", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T18:50:43.289Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-25002", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-26T18:50:36.879223Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T18:50:25.536Z"}}], "cna": {"title": "WordPress LearnPress \u2013 Sepay Payment plugin <= 4.0.0 - Broken Authentication vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "Arif Shaikh | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-114", "descriptions": [{"lang": "en", "value": "Authentication Abuse"}]}], "affected": [{"vendor": "ThimPress", "product": "LearnPress &#8211; Sepay Payment", "versions": [{"status": "affected", "changes": [{"at": "4.0.1", "status": "unaffected"}], "version": "0", "versionType": "custom", "lessThanOrEqual": "4.0.0"}], "packageName": "learnpress-sepay-payment", "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected"}], "datePublic": "2026-04-22T14:18:27.555Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/learnpress-sepay-payment/vulnerability/wordpress-learnpress-sepay-payment-plugin-4-0-0-broken-authentication-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in ThimPress LearnPress &#8211; Sepay Payment learnpress-sepay-payment allows Authentication Abuse.This issue affects LearnPress &#8211; Sepay Payment: from n/a through <= 4.0.0.", "supportingMedia": [{"type": "text/html", "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in ThimPress LearnPress &#8211; Sepay Payment learnpress-sepay-payment allows Authentication Abuse.<p>This issue affects LearnPress &#8211; Sepay Payment: from n/a through <= 4.0.0.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-288", "description": "Authentication Bypass Using an Alternate Path or Channel"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-23T14:14:07.657Z"}}}, "cveMetadata": {"cveId": "CVE-2026-25002", "state": "PUBLISHED", "dateUpdated": "2026-04-23T14:14:07.657Z", "dateReserved": "2026-01-28T09:50:57.103Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2026-03-25T16:14:36.682Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in ThimPress LearnPress \u2013 Sepay Payment learnpress-sepay-payment allows Authentication Abuse.This issue affects LearnPress \u2013 Sepay Payment: from n/a through <= 4.0.0."}, {"lang": "es", "value": "Vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n usando una ruta o canal alternativo en ThimPress LearnPress \u2013 Sepay Payment learnpress-sepay-payment permite el abuso de autenticaci\u00f3n. Este problema afecta a LearnPress \u2013 Sepay Payment: desde n/a hasta &lt;= 4.0.0."}], "id": "CVE-2026-25002", "lastModified": "2026-04-29T10:16:53.740", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "audit@patchstack.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 4.7, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-25T17:16:41.460", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Plugin/learnpress-sepay-payment/vulnerability/wordpress-learnpress-sepay-payment-plugin-4-0-0-broken-authentication-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-288"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,4.0.0]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "LearnPress &#8211; Sepay Payment", "source": "cna", "vendor": "ThimPress"}, "product": "learnpress_&#8211;_sepay_payment", "vendor": "thimpress"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-29T00:39:09.295082+00:00", "value": {"mitigation_remediation": ["Update the LearnPress \u2013 Sepay Payment plugin to the latest version (above 4.0.0).", "If an update is unavailable, disable or uninstall the plugin to prevent exploitation.", "Review and harden authentication mechanisms on the WordPress site.", "Monitor site logs for suspicious authentication attempts.", "Follow general WordPress security best practices."], "summary": {"action": "Patch Now", "impact": "Authentication Bypass"}, "threat_synthesis": {"affected_systems": "The flaw affects all installations of the ThimPress LearnPress \u2013 Sepay Payment plugin for WordPress with a version no higher than 4.0.0. Any site that has not updated beyond this release is susceptible.", "description_and_impact": "The vulnerability permits Authentication Abuse by exploiting an alternate path or channel in the LearnPress \u2013 Sepay Payment plugin. This flaw allows unauthorized users to access protected areas or perform actions reserved for authenticated users, potentially compromising the confidentiality and integrity of site data.", "risk_and_exploitability": "The CVSS score of 7.5 indicates a moderately high severity. The EPSS score is below 1%, suggesting low current exploit prevalence, and the vulnerability is not listed in the CISA KEV catalog. The likely attack vector is remote, through a web request to the plugin\u2019s alternate authentication path, requiring no special privileges. An attacker who succeeds could gain unauthorized access, elevate privileges, or manipulate site content."}}}}, "created": "2026-03-25T21:34:23.682904+00:00", "updated": "2026-04-29T00:45:26.161325+00:00", "vendors": ["thimpress", "thimpress$PRODUCT$learnpress_&#8211;_sepay_payment", "wordpress", "wordpress$PRODUCT$wordpress"]}