cleantalk
Vulnerabilities and Security Researches

LearnPress Export Import – WordPress extension for LearnPress, CVE-2026-7565

CVE, Research URL

CVE-2026-7565

Home page URL

Security reports for LearnPress Export Import – WordPress extension for LearnPress

Application

LearnPress Export Import – WordPress extension for LearnPress

Published on
Jun 06, 2026
Research Description
The LearnPress – Backup & Migration Tool plugin for WordPress is vulnerable to Arbitrary File Read via Directory Traversal in all versions up to, and including, 4.1.4 via the 'import-user-file' parameter parameter. This makes it possible for authenticated attackers, with administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
Affected versions
max 4.1.5.
Status
vulnerable
Previous vulnerability researches
Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress (CVE-2026-40787) , May 02, 2026
Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress (CVE-2026-25329) , Feb 27, 2026
Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress (CVE-2025-55708) , Aug 16, 2025
Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress (CVE-2026-25324) , Feb 27, 2026
Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress (CVE-2025-9637) , Apr 17, 2026
New vulnerability
Simple SEO Slideshow (CVE-2026-8900) , Jun 08, 2026
LearnPress Export Import – WordPress extension for LearnPress (CVE-2026-7565) , Jun 08, 2026
LearnPress Export Import – WordPress extension for LearnPress (CVE-2026-7566) , Jun 08, 2026
Event Monster – Event Management, Tickets Booking, Upcoming Event (CVE-2026-8608) , Jun 08, 2026
Click to Chat – HoliThemes (CVE-2026-7795) , Jun 07, 2026