CVE-2025-22346

CVSS 3.1 Score 6.4 of 10 (medium)

Details

Published Jan 15, 2025

CWE ID 918

Summary

CVE-2025-22346 is a serious Server-Side Request Forgery (SSRF) vulnerability affecting Course Migration for LearnDash, with versions from 1.0.2 through the latest not affected. Hackers can exploit this issue to send malicious requests to the server, potentially leading to unauthorized data access or other malicious activities. The vulnerability allows an attacker to make arbitrary requests on behalf of the affected application, posing a significant security risk. Users of Course Migration for LearnDash are advised to apply patches or upgrades as soon as possible to mitigate this security concern.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2JL6lO
https://www.cve.org/CVERecord?id=CVE-2025-22346
https://nvd.nist.gov/vuln/detail/CVE-2025-22346

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners

CVE-2025-22346

CVSS 3.1 Score 6.4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations