CVE•Published 2024-07-02•Modified 2026-04-08•0 articles on news•7 live references•NVD data

CVE-2024-6099Thimpress · Learnpress

Vulnerability data via NVD (ingested)

CVSS v3.1

5.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS percentile

—

Weaknesses (CWE)

CWE-420Unprotected Alternate Channel

Description

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthenticated bypass to user registration in versions up to, and including, 4.2.6.8.1. This is due to missing checks in the 'check_validate_fields' function in the checkout. This makes it possible for unauthenticated attackers to register as the default role on the site, even if registration is disabled.

Timeline

Published 2024-07-02

Modified 2026-04-08

External references

NVD MITRE Exploit-DB GitHub PoC Sploitus trickest/cve VulnCheck

Search for exposed instances

Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).

Shodan · vuln tag0 hosts

vuln:CVE-2024-6099

Hosts Shodan has explicitly fingerprinted as vulnerable.

Shodan · WP plugin path

http.html:"/wp-content/plugins/learnpress/"

Matches any site loading the "learnpress" plugin — doesn't rely on Shodan's vuln tag.

Shodan · product

product:"Thimpress Learnpress"

All exposed Thimpress Learnpress instances — cross-reference with the CVE's affected-version range.

Shodan · banner/body mention

http.html:"Learnpress"

HTTP body or banner mentions "Learnpress" — catches deploys Shodan didn't identify as a product.