漏洞描述
LearnPress 是适用于 WordPress 的综合性 WordPress LMS 插件。 这是最好的 WordPress LMS 插件之一,可用于轻松创建和在线销售课程。WordPress LearnPress 插件 <= 4.1.7.3.2存在文件包含漏洞,攻击者利用该漏洞可获取敏感文件。
WordPress Plugin LearnPress archive-course 文件包含漏洞(CVE-2022-47615)
PoC代码
暂无相关漏洞推荐
- POC CVE-2022-0271: LearnPress <4.1.6 - Cross-Site Scripting
- POC CVE-2022-45808: LearnPress Plugin < 4.2.0 - Unauthenticated Time-Based Blind SQLi
- POC CVE-2022-47615: LearnPress Plugin < 4.2.0 - Local File Inclusion
- POC CVE-2023-5558: LearnPress < 4.2.5.5 - Cross-Site Scripting
- POC CVE-2023-6567: LearnPress <= 4.2.5.7 - SQL Injection
- POC CVE-2023-6634: LearnPress < 4.2.5.8 - Remote Code Execution
- POC CVE-2024-4434: LearnPress WordPress LMS Plugin <= 4.2.6.5 - SQL Injection
- POC CVE-2024-8522: LearnPress < 4.2.7.1 - SQL Injection
- POC CVE-2024-8529: LearnPress < 4.2.7.1 - SQL Injection
- WordPress Plugin LearnPress SQL注入漏洞(CVE-2022-45808)
- WordPress plugin LearnPress 跨站脚本漏洞