Tag: data manipulation

All the articles with the tag "data manipulation".

• [CVE-2025-11372] Unauthenticated REST call in LearnPress lets anyone reshape your WordPress database

  18 Oct, 2025

  All LearnPress versions up to 4.2.9.3 register an admin-only REST endpoint with a permissive permission callback. Any Internet user can drop or create indexes on arbitrary database tables, including wp_options, and grind a site to a halt.