LearnPress, a learning management plugin for WordPress, prior to 3.2.6.8 is affected by an authenticated SQL injection via the current_items parameter of the post-new.php page.
150d41dad29f88db33ed82424ed85cc194746e3e92127751db33050409ecec61
WordPress LearnPress plugin versions prior to 3.2.6.8 suffer from a remote time-based blind SQL injection vulnerability.
88be60d61f30701f2bee2c0a962b09407d110ae63bc6093a890d9e7d0172ee97