ByteOS Network

Vulnerability Details :

CVE-2026-25002

Assigner Org ID-21595511-bba5-4825-b968-b78d1f9984a3

Published At-25 Mar, 2026 | 16:14

Updated At-29 Apr, 2026 | 09:51

WordPress LearnPress – Sepay Payment plugin <= 4.0.0 - Broken Authentication vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in ThimPress LearnPress – Sepay Payment learnpress-sepay-payment allows Authentication Abuse.This issue affects LearnPress – Sepay Payment: from n/a through <= 4.0.0.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:Patchstack

Assigner Org ID:21595511-bba5-4825-b968-b78d1f9984a3

Published At:25 Mar, 2026 | 16:14

Updated At:29 Apr, 2026 | 09:51

▼CVE Numbering Authority (CNA)

WordPress LearnPress – Sepay Payment plugin <= 4.0.0 - Broken Authentication vulnerability

Affected Products

Vendor

ThimPress (PhysCode)

Product

LearnPress – Sepay Payment

Collection URL

https://wordpress.org/plugins

Package Name

learnpress-sepay-payment

Default Status

unaffected

Versions

Affected

From 0 through 4.0.0 (custom)
- -> unaffectedfrom4.0.1

Problem Types

Type	CWE ID	Description
CWE	CWE-288	Authentication Bypass Using an Alternate Path or Channel

Type: CWE

CWE ID: CWE-288

Description: Authentication Bypass Using an Alternate Path or Channel

Metrics

Version	Base score	Base severity	Vector
3.1	7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Version: 3.1

Base score: 7.5

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Impacts

CAPEC ID	Description
CAPEC-114	Authentication Abuse

CAPEC ID: CAPEC-114

Description: Authentication Abuse

Credits

finder

Arif Shaikh | Patchstack Bug Bounty Program

References

Hyperlink	Resource
https://patchstack.com/database/Wordpress/Plugin/learnpress-sepay-payment/vulnerability/wordpress-learnpress-sepay-payment-plugin-4-0-0-broken-authentication-vulnerability?_s_id=cve	vdb-entry

Hyperlink: https://patchstack.com/database/Wordpress/Plugin/learnpress-sepay-payment/vulnerability/wordpress-learnpress-sepay-payment-plugin-4-0-0-broken-authentication-vulnerability?_s_id=cve

Resource:

vdb-entry

▼Authorized Data Publishers (ADP)

CISA ADP Vulnrichment

Metrics

Version	Base score	Base severity	Vector
3.1	7.5	HIGH	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:N

Version: 3.1

Base score: 7.5

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:N

Metrics Other Info

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:audit@patchstack.com

Published At:25 Mar, 2026 | 17:16

Updated At:29 Apr, 2026 | 10:16

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Secondary	3.1	7.5	HIGH	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:N

Type: Secondary

Version: 3.1

Base score: 7.5

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Type: Secondary

Version: 3.1

Base score: 7.5

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:N

Weaknesses

CWE ID	Type	Source
CWE-288	Secondary	audit@patchstack.com

CWE ID: CWE-288

Type: Secondary

Source: audit@patchstack.com

References

Hyperlink	Source	Resource
https://patchstack.com/database/Wordpress/Plugin/learnpress-sepay-payment/vulnerability/wordpress-learnpress-sepay-payment-plugin-4-0-0-broken-authentication-vulnerability?_s_id=cve	audit@patchstack.com	N/A

Hyperlink: https://patchstack.com/database/Wordpress/Plugin/learnpress-sepay-payment/vulnerability/wordpress-learnpress-sepay-payment-plugin-4-0-0-broken-authentication-vulnerability?_s_id=cve

Source: audit@patchstack.com

Resource: N/A

Similar CVEs

6Records found

CVE-2021-31559

Matching Score-4

Assigner-Splunk Inc.

View Details

Matching Score-4

Assigner-Splunk Inc.

CVSS Score-7.5||HIGH

EPSS-0.20% / 41.98%

7 Day CHG~0.00%

Published-06 May, 2022 | 16:35

Updated-03 Aug, 2024 | 23:03

S2S TcpToken authentication bypass

A crafted request bypasses S2S TCP Token authentication writing arbitrary events to an index in Splunk Enterprise Indexer 8.1 versions before 8.1.5 and 8.2 versions before 8.2.1. The vulnerability impacts Indexers configured to use TCPTokens. It does not impact Universal Forwarders.

Vendor-Splunk LLC (Cisco Systems, Inc.)

Product-splunk Splunk Enterprise

CWE ID-CWE-288

Authentication Bypass Using an Alternate Path or Channel

CVE-2026-40780

Matching Score-4

Assigner-Patchstack

View Details

Matching Score-4

Assigner-Patchstack

CVSS Score-7.5||HIGH

EPSS-0.05% / 14.84%

7 Day CHG+0.01%

Published-02 Jun, 2026 | 15:07

Updated-02 Jun, 2026 | 17:11

WordPress BookIt plugin < 2.5.4.1 - Broken Authentication vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in Liquid Web / StellarWP BookIt allows Password Recovery Exploitation. This issue affects BookIt: from n/a before 2.5.4.1.

Vendor-Liquid Web / StellarWP

Product-BookIt

CWE ID-CWE-288

Authentication Bypass Using an Alternate Path or Channel

CVE-2024-10438

Matching Score-4

Assigner-TWCERT/CC

View Details

Matching Score-4

Assigner-TWCERT/CC

CVSS Score-7.5||HIGH

EPSS-0.09% / 25.84%

7 Day CHG~0.00%

Published-28 Oct, 2024 | 02:46

Updated-25 Sep, 2025 | 14:13

Sunnet eHRD CTMS - Authentication Bypass

The eHRD CTMS from Sunnet has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to bypass authentication by satisfying specific conditions in order to access certain functionalities.

Vendor-sun.net Sunnet sunnet

Product-ehrd_ctms eHRD CTMS ehrd_ctms

CWE ID-CWE-288

Authentication Bypass Using an Alternate Path or Channel

CVE-2023-6718

Matching Score-4

Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)

View Details

Matching Score-4

Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)

CVSS Score-9.4||CRITICAL

EPSS-0.14% / 33.60%

7 Day CHG~0.00%

Published-13 Dec, 2023 | 09:08

Updated-01 Oct, 2024 | 14:47

Authentication Bypass Using an Alternate Path or Channel in Repox

An authentication bypass vulnerability has been found in Repox, which allows a remote user to send a specially crafted POST request, due to the lack of any authentication method, resulting in the alteration or creation of users.

Vendor-europeana Repox

Product-repox Repox

CWE ID-CWE-288

Authentication Bypass Using an Alternate Path or Channel

CWE ID-CWE-306

Missing Authentication for Critical Function

CVE-2023-43045

Matching Score-4

Assigner-IBM Corporation

View Details

Matching Score-4

Assigner-IBM Corporation

CVSS Score-5.9||MEDIUM

EPSS-0.03% / 9.27%

7 Day CHG~0.00%

Published-23 Oct, 2023 | 17:37

Updated-11 Sep, 2024 | 14:15

IBM Sterling Partner Engagement Manager security bypass

IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 could allow a remote user to perform unauthorized actions due to improper authentication. IBM X-Force ID: 266896.

Vendor-IBM Corporation

Product-sterling_partner_engagement_manager Sterling Partner Engagement Manager

CWE ID-CWE-288

Authentication Bypass Using an Alternate Path or Channel

CWE ID-CWE-306

Missing Authentication for Critical Function

CVE-2021-41995

Matching Score-4

Assigner-Ping Identity Corporation

View Details

Matching Score-4

Assigner-Ping Identity Corporation