cleantalk
Vulnerabilities and Security Researches

LearnPress Export Import – WordPress extension for LearnPress, CVE-2025-60200

CVE, Research URL

CVE-2025-60200

Home page URL

Security reports for LearnPress Export Import – WordPress extension for LearnPress

Application

LearnPress Export Import – WordPress extension for LearnPress

Published on
Nov 06, 2025
Research Description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThimPress LearnPress Export Import learnpress-import-export allows PHP Local File Inclusion.This issue affects LearnPress Export Import: from n/a through <= 4.0.9.
Affected versions
max 4.0.9.
Status
vulnerable
Previous vulnerability researches
WP Carticon (CVE-2025-12065) , Nov 10, 2025
New vulnerability
Blocksy Companion (CVE-2025-12475) , Nov 10, 2025
Cinza Grid (CVE-2025-11824) , Nov 10, 2025
Password Policy Manager | Password Manager (CVE-2025-11255) , Nov 10, 2025
Search &amp; Filter (CVE-2025-48099) , Nov 10, 2025
Bux Woocommerce (CVE-2025-60247) , Nov 10, 2025