CVE-2023-6634
- Reference to the description:
- Description:
- The LearnPress plugin for WordPress is vulnerable to Command Injection in all versions up to, and including, 4.2.5.7 via the get_content function. This is due to the plugin making use of the call_user_func function with user input. This makes it possible for unauthenticated attackers to execute any public function with one parameter, which could result in remote code execution.
- Last updated date:
- 01/17/2024
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 04/05/2024
- Reference url to background