Impact
Unauthenticated access to the Learnify theme allows an attacker to include arbitrary files from the local filesystem. This can enable reading sensitive configuration or content files and may provide a foothold for further exploitation, potentially leading to execution of arbitrary code if the included files are executable. The weakness is classified as CWE-98, a classic local file inclusion flaw. The primary impact is that any unauthenticated user could trigger the inclusion, causing confidentiality or integrity compromise of server files.
Affected Systems
WordPress sites using the Learnify theme from ThemeREX Group with version 1.15.0 or earlier are vulnerable. The issue affects the entire theme’s file inclusion logic across all instances of these versions installed on a WordPress installation.
Risk and Exploitability
The CVSS score of 8.1 indicates a high severity flaw, yet the EPSS score of less than 1% suggests current exploitation activity is very low. The vulnerability is not listed in the CISA KEV catalog, and there is no official remediation available in the CVE data. Nonetheless, the absence of authentication barriers means the attack can be launched by any visitor, typically via crafted URLs or form parameters that reference prohibited file paths. Given the high potential impact and wide accessibility, the risk remains significant while the current exploitation probability is modest.
OpenCVE Enrichment