VYPR
Unrated severity · NVD Advisory · Published Jun 16, 2026

WordPress Learnify theme <= 1.15.0 - Local File Inclusion vulnerability

CVE-2025-60085

Description

Learnify theme <= 1.15.0 for WordPress exposes an unauthenticated local file inclusion (LFI), allowing remote attackers to read sensitive server files.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

The Learnify WordPress theme, version 1.15.0 and earlier, contains an unauthenticated local file inclusion (LFI) vulnerability. An attacker does not need any authentication to trigger the vulnerable code path, which allows inclusion of arbitrary local files on the server.

Exploitation

An attacker with network access to the target WordPress site can send crafted HTTP requests to the affected Learnify theme endpoint. No authentication, user interaction, or special privileges are required. The attack can be performed remotely and can be automated.

Impact

Successful exploitation results in the attacker reading arbitrary local files of the target website, including files containing database credentials and other sensitive configuration data. Depending on the server configuration, this could lead to a full database compromise and further escalation [1].

Mitigation

The vendor has not released a patched version as of the publication date. Administrators should update the Learnify theme immediately if a fix is made available. If no update exists, the theme should be replaced or disabled, and access to the website restricted. The vulnerability has been flagged as a potential entry point for mass-exploit campaigns [1].
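To act on this, an administrator first needs to know which installs carry the theme in the affected range. The following inventory check is an added example, not code from the advisory or the theme vendor; it reads the standard WordPress `style.css` theme header and assumes the `Theme Name` field contains "Learnify" (the helper names and the sample header are constructed for illustration).

```python
import re
import sys
from pathlib import Path

LAST_AFFECTED = (1, 15, 0)   # advisory: Learnify <= 1.15.0, no fixed release listed
NAME_MARKER = "learnify"     # assumption: the "Theme Name" header contains this

# Constructed sample of a theme style.css header (not taken from the real theme).
SAMPLE_CSS = "/*\nTheme Name: Learnify\nVersion: 1.15.0\n*/\nbody { margin: 0; }\n"

def header_field(css_text, key):
    """Read one field from the comment header, as WordPress does (first 8 KB)."""
    pattern = r"^[ \t/*#@]*" + re.escape(key) + r"\s*:\s*(.+?)\s*$"
    m = re.search(pattern, css_text[:8192], re.M | re.I)
    return m.group(1) if m else None

def version_tuple(version):
    """'1.15' -> (1, 15, 0); extra components are kept so 1.15.0.1 sorts higher."""
    nums = [int(n) for n in re.findall(r"\d+", version)]
    return tuple(nums + [0] * (3 - len(nums)))

def assess(css_text):
    """None if not Learnify, else 'affected', 'newer' or 'unknown'."""
    name = header_field(css_text, "Theme Name")
    if not name or NAME_MARKER not in name.lower():
        return None
    version = header_field(css_text, "Version")
    if not version or not re.search(r"\d", version):
        return "unknown"          # no usable version: review by hand
    return "affected" if version_tuple(version) <= LAST_AFFECTED else "newer"

def scan(wp_root):
    """Map theme directory name -> status for every installed Learnify copy."""
    found = {}
    for css in sorted(Path(wp_root).glob("wp-content/themes/*/style.css")):
        status = assess(css.read_text(encoding="utf-8", errors="replace"))
        if status:
            found[css.parent.name] = status
    return found

if __name__ == "__main__":
    print("sample:", assess(SAMPLE_CSS))
    for theme_dir, status in scan(sys.argv[1] if len(sys.argv) > 1 else ".").items():
        print(f"{theme_dir}: {status}")
```

A `newer` result only means the version falls outside the range this advisory names; the page lists no patched release, so it is not confirmation of a fix. The scan covers every installed copy, active or not.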

AI Insight generated on Jun 17, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

1

Patches

0

No patches discovered yet.

Vulnerability mechanics

No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References

1
