WordPress teachPress 'root' Multiple Local File Include Vulnerabilities

WordPress teachPress 'root' Multiple Local File Include Vulnerabilities

The teachPress plug-in for WordPress is prone to multiple local file include vulnerabilities because it fails to adequately validate user-supplied input.

An attacker can exploit these vulnerabilities to obtain potentially sensitive information and execute arbitrary local scripts. This could allow the attacker to compromise the application and the computer; other attacks are also possible.

teachPress 2.3.2 is vulnerable; prior versions may also be affected.