CVE-2012-4915

Google Doc Embedder <2.5.4 - Path Traversal

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2012-4915. PoCs published by Metasploit, Charlie Eriksen, including Metasploit module exploits/unix/webapp/wp_google_document_embedder_exec.

AI-analyzed exploit summary This exploit targets a file disclosure vulnerability in the WordPress Google Document Embedder plugin (CVE-2012-4915) to retrieve database credentials, modify admin passwords, and inject a PHP backdoor into a theme file for remote code execution.

Description

Directory traversal vulnerability in the Google Doc Embedder plugin before 2.5.4 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to libs/pdf.php.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubywebappsphp

https://www.exploit-db.com/exploits/23970

View Code ZIP pw:eip

This exploit targets a file disclosure vulnerability in the WordPress Google Document Embedder plugin (CVE-2012-4915) to retrieve database credentials, modify admin passwords, and inject a PHP backdoor into a theme file for remote code execution.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: WordPress Plugin Google Document Embedder <= 2.4.6

No auth needed

Prerequisites: WordPress with vulnerable plugin installed · MySQL server accessible from the attacker · WordPress filesystem write access

MITRE ATT&CK

T1005 - Data from Local System T1059 - Command and Scripting Interpreter T1098 - Account Manipulation T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC NORMAL

by Charlie Eriksen · rubypocphp

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/wp_google_document_embedder_exec.rb

View Code ZIP pw:eip

This Metasploit module exploits an arbitrary file disclosure vulnerability in the WordPress Google Document Embedder plugin (CVE-2012-4915) to leak database credentials, modify admin passwords, and achieve remote code execution by injecting PHP payloads into theme files.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: WordPress Plugin Google Document Embedder <= 2.4.6

No auth needed

Prerequisites: WordPress installation with vulnerable plugin · MySQL server accessible from the target · Filesystem write permissions for WordPress

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1003 - OS Credential Dumping T1059 - Command and Scripting Interpreter T1505.003 - Web Shell

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/57133

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/80930

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/88891

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/50832

Scores

EPSS 0.5002

EPSS Percentile 98.8%

Details

CWE

CWE-22

Status published

Products (18)

davistribe/google_doc_embedder 2.0

davistribe/google_doc_embedder 2.1

davistribe/google_doc_embedder 2.2

davistribe/google_doc_embedder 2.2.1

davistribe/google_doc_embedder 2.2.2

davistribe/google_doc_embedder 2.2.3

davistribe/google_doc_embedder 2.3

davistribe/google_doc_embedder 2.4

davistribe/google_doc_embedder 2.4.1

davistribe/google_doc_embedder 2.4.2

... and 8 more

Published May 29, 2014

Tracked Since Feb 18, 2026