CVE-2023-0159

HIGH EXPLOITED NUCLEI

Extensive VC Addons for WPBakery <1.9.1 - Info Disclosure

Title source: llm

Description

The Extensive VC Addons for WPBakery page builder WordPress plugin before 1.9.1 does not validate a parameter passed to the php extract function when loading templates, allowing an unauthenticated attacker to override the template path to read arbitrary files from the hosts file system. This may be escalated to RCE using PHP filter chains.

Exploits (3)

exploitdb WORKING POC

by Ravina · pythonwebappsphp

https://www.exploit-db.com/exploits/52085

View Code ZIP pw:eip

nomisec SCANNER 2 stars

by im-hanzou · remote

https://github.com/im-hanzou/EVCer

View Code ZIP pw:eip

nomisec WORKING POC

by Sn20393873 · poc

https://github.com/Sn20393873/Extensive

View Code ZIP pw:eip

Nuclei Templates (1)

Extensive VC Addons for WPBakery page builder < 1.9.1 - Unauthenticated RCE

HIGHby c4sper0

Shodan: http.html:/wp-content/plugins/extensive-vc-addon/

FOFA: body=/wp-content/plugins/extensive-vc-addon/

References (1)

[Exploit, Third Party Advisory] https://wpscan.com/vulnerability/239ea870-66e5-4754-952e-74d4dd60b809

Scores

CVSS v3 7.5

EPSS 0.9273

EPSS Percentile 99.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

VulnCheck KEV 2025-08-17

Status published

Products (1)

wprealize/extensive_vc_addons_for_wpbakery_page_builder < 1.9.1

Published Feb 13, 2023

Tracked Since Feb 18, 2026