Tag Archives: CVE-2020-6010

DB-Exploit: https://www.exploit-db.com/exploits/50137PacketStorm: https://packetstormsecurity.com/files/163536/WordPress-LearnPress-SQL-Injection.html Exploit Title: WordPress Plugin LearnPress < 3.2.6.8 – SQL Injection (Authenticated) Date: 07-17-2021 Exploit Author: nhattruong or nhattruong.blog Vendor Homepage: https://thimpress.com/learnpress/ Software Link: https://wordpress.org/plugins/learnpress/ Version: < 3.2.6.8 References link: https://wpscan.com/vulnerability/10208 CVE: CVE-2020-6010 POC: Go to url http:///wp-admin Login with a cred Execute the payload Modify current_items[] as you want