Description
Unauthenticated Local File Inclusion in Learnify <= 1.15.0 versions.
Published: 2026-06-16
Score: 8.1 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Unauthenticated access to the Learnify theme allows an attacker to include arbitrary files from the local filesystem. This can enable reading sensitive configuration or content files and may provide a foothold for further exploitation, potentially leading to execution of arbitrary code if the included files are executable. The weakness is classified as CWE-98, a classic local file inclusion flaw. The primary impact is that any unauthenticated user could trigger the inclusion, causing confidentiality or integrity compromise of server files.

Affected Systems

WordPress sites using the Learnify theme from ThemeREX Group with version 1.15.0 or earlier are vulnerable. The issue affects the entire theme’s file inclusion logic across all instances of these versions installed on a WordPress installation.

Risk and Exploitability

The CVSS score of 8.1 indicates a high severity flaw, yet the EPSS score of less than 1% suggests current exploitation activity is very low. The vulnerability is not listed in the CISA KEV catalog, and there is no official remediation available in the CVE data. Nonetheless, the absence of authentication barriers means the attack can be launched by any visitor, typically via crafted URLs or form parameters that reference prohibited file paths. Given the high potential impact and wide accessibility, the risk remains significant while the current exploitation probability is modest.

Generated by OpenCVE AI on June 17, 2026 at 19:52 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Learnify theme to version 1.15.1 or newer to remove the local file inclusion flaw.
  • If an immediate upgrade is not feasible, disable the Learnify theme or restrict site access until the update can be applied.
  • Implement server‑side defenses, such as firewall rules or WAF configuration, to block requests that attempt to traverse directories or include sensitive system files via the theme’s exposed parameters.

Generated by OpenCVE AI on June 17, 2026 at 19:52 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 23 Jun 2026 21:30:00 +0000

Type Values Removed Values Added
First Time appeared Themerex Group
Themerex Group learnify
Wordpress
Wordpress wordpress
Vendors & Products Themerex Group
Themerex Group learnify
Wordpress
Wordpress wordpress

Thu, 18 Jun 2026 16:45:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 16 Jun 2026 22:00:00 +0000

Type Values Removed Values Added
Description Unauthenticated Local File Inclusion in Learnify <= 1.15.0 versions.
Title WordPress Learnify theme <= 1.15.0 - Local File Inclusion vulnerability
Weaknesses CWE-98
References
Metrics cvssV3_1

{'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H'}


Subscriptions

Themerex Group Learnify
Wordpress Wordpress
cve-icon MITRE

Status: PUBLISHED

Assigner: Patchstack

Published:

Updated: 2026-06-17T10:54:09.610Z

Reserved: 2025-09-25T15:20:02.782Z

Link: CVE-2025-60085

cve-icon Vulnrichment

Updated: 2026-06-17T10:54:04.446Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-23T21:04:32Z

Weaknesses
  • CWE-98

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')