CVE-2026-2446
CRITICAL
PowerPack for LearnDash <1.3.0 - Privilege Escalation
Title source: llm
Description
The PowerPack for LearnDash WordPress plugin before 1.3.0 does not have authorization and CSRF checks in an AJAX action, allowing unauthenticated users to update arbitrary WordPress options (such as default_role) and create arbitrary admin users.
Scores
CVSS v3
9.8
EPSS
0.0007
EPSS Percentile
22.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Classification
CWE
CWE-862
Status
draft
Timeline
Published
Mar 06, 2026
Tracked Since
Mar 06, 2026