Skip to main content

Learnpress 8211 Sepay Payment CVE-2026-25002

| EUVDEUVD-2026-15610 HIGH
Authentication Bypass Using an Alternate Path or Channel (CWE-288)
2026-03-25 Patchstack GHSA-83pv-9pxh-7c32
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None

Lifecycle Timeline

4
Re-analysis Queued
Apr 24, 2026 - 16:37 vuln.today
cvss_changed
EUVD ID Assigned
Mar 25, 2026 - 16:47 euvd
EUVD-2026-15610
Analysis Generated
Mar 25, 2026 - 16:47 vuln.today
CVE Published
Mar 25, 2026 - 16:14 nvd
HIGH 7.5

DescriptionCVE.org

Authentication Bypass Using an Alternate Path or Channel vulnerability in ThimPress LearnPress &#8211; Sepay Payment learnpress-sepay-payment allows Authentication Abuse.This issue affects LearnPress &#8211; Sepay Payment: from n/a through <= 4.0.0.

AnalysisAI

This vulnerability is an authentication bypass in the ThimPress LearnPress Sepay Payment plugin for WordPress that allows attackers to abuse authentication mechanisms through alternate paths or channels. The vulnerability affects LearnPress Sepay Payment versions up to and including 4.0.0. An attacker exploiting this flaw could bypass normal authentication controls to gain unauthorized access to the learning platform, potentially accessing student accounts, course content, or administrative functions without valid credentials.

Technical ContextAI

The vulnerability is rooted in CWE-288 (Authentication Using an Alternate Path or Channel), which describes a weakness where an application implements authentication controls on a primary path but fails to enforce the same controls on alternate paths or channels. In the context of the ThimPress LearnPress Sepay Payment plugin (identified via CPE cpe:2.3:a:thimpress:learnpress_–_sepay_payment:*:*:*:*:*:*:*:*), the payment processing or user verification logic likely contains an alternate authentication mechanism—possibly in API endpoints, callback handlers, or payment webhook processing—that does not properly validate user identity. The Sepay payment gateway integration may have exposed an endpoint or parameter that allows bypassing the standard WordPress authentication checks, enabling attackers to assume user identities or escalate privileges without proper credential validation.

RemediationAI

Immediately upgrade the LearnPress Sepay Payment plugin to a version above 4.0.0 if a patched version is available from the ThimPress vendor. Review the Patchstack advisory at https://patchstack.com/database/Wordpress/Plugin/learnpress-sepay-payment/vulnerability/wordpress-learnpress-sepay-payment-plugin-4-0-0-broken-authentication-vulnerability for specific patch availability and version recommendations. As an interim measure, if patching is delayed, disable the Sepay payment gateway or restrict access to payment processing endpoints to known IP ranges, implement Web Application Firewall (WAF) rules to block suspicious authentication bypass attempts targeting payment or user verification endpoints, and monitor authentication logs for anomalous activity such as successful logins from unexpected sources. Additionally, audit all user accounts and sessions created or modified during the vulnerability window to detect and remediate any unauthorized access.

Share

CVE-2026-25002 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy