CVE-2026-7565

The LearnPress – Backup & Migration Tool plugin for WordPress is vulnerable to Arbitrary File Read via Directory Traversal in all versions up to, and including, 4.1.4 via the 'import-user-file' parameter parameter. This makes it possible for authenticated attackers, with administrator-level acces...

EUVD-2026-34946

The LearnPress – Backup & Migration Tool plugin for WordPress is vulnerable to Arbitrary File Read via Directory Traversal in all versions up to, and including, 4.1.4 via the 'import-user-file' parameter parameter. This makes it possible for authenticated attackers, with administrator-level acces...

CVE-2026-7565 LearnPress <= 4.1.4 - Authenticated (Administrator+) Path Traversal to Arbitrary File Read via 'import-user-file' Parameter

The LearnPress – Backup & Migration Tool plugin for WordPress is vulnerable to Arbitrary File Read via Directory Traversal in all versions up to, and including, 4.1.4 via the 'import-user-file' parameter parameter. This makes it possible for authenticated attackers, with administrator-level acces...

CVE-2026-7565

CVE-2026-7565 affects LearnPress – Backup & Migration Tool for WordPress. All versions up to 4.1.4 are vulnerable to an Arbitrary File Read via Directory Traversal through the import-user-file parameter. Exploitation requires authenticated access at Administrator level or higher, allowing reading...

PT-2026-47128

Name of the Vulnerable Software and Affected Versions LearnPress – Backup & Migration Tool versions prior to 4.1.5 Description The plugin is susceptible to arbitrary file read through directory traversal, a technique that allows access to files and directories outside the intended folder...