wpcoursesplugin CVE Vulnerabilities & CVE List (1)

Products (CPE): — CVEs: 1

wpcoursesplugin vulnerability overview

This page aggregates publicly disclosed CVE and security risk information related to wpcoursesplugin, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.

Vulnerability distribution trend (last 24 months)

Showing 11 of 1 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2020-26876 The wp-courses plugin through 2.0.27 for WordPress allows remote attackers to bypass the intended payment step (for course videos and materials) by using the /wp-json REST API, as exploited in the wild in September 2020. This occurs because show_in_rest is enabled for custom post types (e.g., /wp-json/wp/v2/course and /wp-json/wp/v2/lesson exist). [email protected] 7.5 9.20% 2020-10-07 2026-06-16
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence