Vulnerability Discovered in WordPress LMS LearnDash < 3.1.6
https://learndash.releasenotes.ioLearnDash is a popular premium WordPress plugin that can be used for creating (and selling) online courses. In versions prior to 3.1.6, there is a vulnerability that allows attackers to launch unauthenticated SQL injection attacks.
The issue has been fixed in Version 3.1.6 which is available now from the plugin’s website.