CVE-2022-47615

CRITICAL EXPLOITED NUCLEI

Thimpress Learnpress < 4.2.0 - Unrestricted File Upload

Title source: rule

Description

Local File Inclusion vulnerability in LearnPress – WordPress LMS Plugin <= 4.1.7.3.2 versions.

Exploits (1)

nomisec WORKING POC
by RandomRobbieBF · infoleak
https://github.com/RandomRobbieBF/CVE-2022-47615

Nuclei Templates (1)

LearnPress Plugin < 4.2.0 - Local File Inclusion
CRITICALVERIFIEDby DhiyaneshDK
Shodan: http.html:/wp-content/plugins/learnpress
FOFA: body=/wp-content/plugins/learnpress

References (2)

Scores

CVSS v3 9.3
EPSS 0.8671
EPSS Percentile 99.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N

Exploitation Intel

VulnCheck KEV 2023-01-20

Classification

CWE
CWE-434
Status published

Affected Products (1)

thimpress/learnpress < 4.2.0

Timeline

Published Jan 26, 2023
Tracked Since Feb 18, 2026