{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-25002", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-01-28T09:50:57.103Z", "datePublished": "2026-03-25T16:14:36.682Z", "dateUpdated": "2026-03-26T18:50:43.289Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "learnpress-sepay-payment", "product": "LearnPress &#8211; Sepay Payment", "vendor": "ThimPress", "versions": [{"changes": [{"at": "4.0.1", "status": "unaffected"}], "lessThanOrEqual": "<= 4.0.0", "status": "affected", "version": "n/a", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Arif Shaikh | Patchstack Bug Bounty Program"}], "datePublic": "2026-03-25T17:12:17.394Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in ThimPress LearnPress &#8211; Sepay Payment learnpress-sepay-payment allows Authentication Abuse.<p>This issue affects LearnPress &#8211; Sepay Payment: from n/a through <= 4.0.0.</p>"}], "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in ThimPress LearnPress &#8211; Sepay Payment learnpress-sepay-payment allows Authentication Abuse.This issue affects LearnPress &#8211; Sepay Payment: from n/a through <= 4.0.0."}], "impacts": [{"capecId": "CAPEC-114", "descriptions": [{"lang": "en", "value": "Authentication Abuse"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-288", "description": "Authentication Bypass Using an Alternate Path or Channel", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-03-25T16:14:36.682Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/learnpress-sepay-payment/vulnerability/wordpress-learnpress-sepay-payment-plugin-4-0-0-broken-authentication-vulnerability?_s_id=cve"}], "title": "WordPress LearnPress \u2013 Sepay Payment plugin <= 4.0.0 - Broken Authentication vulnerability"}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-26T18:50:36.879223Z", "id": "CVE-2026-25002", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T18:50:43.289Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-25002", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-26T18:50:36.879223Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T18:50:25.536Z"}}], "cna": {"title": "WordPress LearnPress \u2013 Sepay Payment plugin <= 4.0.0 - Broken Authentication vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "Arif Shaikh | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-114", "descriptions": [{"lang": "en", "value": "Authentication Abuse"}]}], "affected": [{"vendor": "ThimPress", "product": "LearnPress &#8211; Sepay Payment", "versions": [{"status": "affected", "changes": [{"at": "4.0.1", "status": "unaffected"}], "version": "n/a", "versionType": "custom", "lessThanOrEqual": "<= 4.0.0"}], "packageName": "learnpress-sepay-payment", "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected"}], "datePublic": "2026-03-25T17:12:17.394Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/learnpress-sepay-payment/vulnerability/wordpress-learnpress-sepay-payment-plugin-4-0-0-broken-authentication-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in ThimPress LearnPress &#8211; Sepay Payment learnpress-sepay-payment allows Authentication Abuse.This issue affects LearnPress &#8211; Sepay Payment: from n/a through <= 4.0.0.", "supportingMedia": [{"type": "text/html", "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in ThimPress LearnPress &#8211; Sepay Payment learnpress-sepay-payment allows Authentication Abuse.<p>This issue affects LearnPress &#8211; Sepay Payment: from n/a through <= 4.0.0.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-288", "description": "Authentication Bypass Using an Alternate Path or Channel"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-03-25T16:14:36.682Z"}}}, "cveMetadata": {"cveId": "CVE-2026-25002", "state": "PUBLISHED", "dateUpdated": "2026-03-26T18:50:43.289Z", "dateReserved": "2026-01-28T09:50:57.103Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2026-03-25T16:14:36.682Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in ThimPress LearnPress &#8211; Sepay Payment learnpress-sepay-payment allows Authentication Abuse.This issue affects LearnPress &#8211; Sepay Payment: from n/a through <= 4.0.0."}, {"lang": "es", "value": "Vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n usando una ruta o canal alternativo en ThimPress LearnPress \u2013 Sepay Payment learnpress-sepay-payment permite el abuso de autenticaci\u00f3n. Este problema afecta a LearnPress \u2013 Sepay Payment: desde n/a hasta &lt;= 4.0.0."}], "id": "CVE-2026-25002", "lastModified": "2026-03-26T19:16:37.270", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 4.7, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-25T17:16:41.460", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Plugin/learnpress-sepay-payment/vulnerability/wordpress-learnpress-sepay-payment-plugin-4-0-0-broken-authentication-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-288"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,4.0.0]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "LearnPress &#8211; Sepay Payment", "source": "cna", "vendor": "ThimPress"}, "product": "learnpress_&#8211;_sepay_payment", "vendor": "thimpress"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-03-25T17:35:39.768999+00:00", "value": {"mitigation_remediation": ["Apply the latest patch for the LearnPress \u2013 Sepay Payment plugin (any release newer than 4.0.0).", "Verify that the plugin\u2019s authentication endpoints are not exposed to unauthenticated requests and that proper authentication is enforced."], "summary": {"action": "Immediate Patch", "impact": "Authentication Bypass enabling unauthorized access"}, "threat_synthesis": {"affected_systems": "The flaw affects the ThimPress LearnPress \u2013 Sepay Payment plugin package. Version numbers from the earliest stable release up to and including 4.0.0 are impacted. No other versions are known to be affected.", "description_and_impact": "The vulnerability permits an attacker to bypass normal authentication checks by using an alternate path or channel within the LearnPress \u2013 Sepay Payment plugin. This results in unauthorized access to the plugin\u2019s functionality and potentially sensitive financial data, and it is classified as a CWE\u2011288 \"Authentication Bypass using an Alternate Channel\" flaw.", "risk_and_exploitability": "No EPSS data or KEV listing is available, so the precise exploit probability and current exploitation status are uncertain. The CVSS score is not provided, but an authentication bypass generally carries a moderate to high severity. Attackers could exploit the flaw by sending crafted HTTP requests to the plugin\u2019s alternate authentication endpoint \u2013 an approach that does not require prior valid credentials. Once authenticated, the attacker could manipulate payment processing or access other protected resources provided by the plugin."}}}}, "created": "2026-03-25T21:34:23.682904+00:00", "updated": "2026-03-26T11:39:37.646940+00:00", "vendors": ["thimpress", "thimpress$PRODUCT$learnpress_&#8211;_sepay_payment", "wordpress", "wordpress$PRODUCT$wordpress"]}