CVE-2023-0159

HIGH EXPLOITED NUCLEI

Extensive VC Addons for WPBakery <1.9.1 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2023-0159 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 3 public exploits from researchers including Ravina, im-hanzou, Sn20393873. A Nuclei detection template is also available.

AI-analyzed exploit summary This exploit targets CVE-2023-0159 in Extensive VC Addons for WPBakery Page Builder < 1.9.1, allowing unauthenticated remote code execution (RCE) and local file inclusion (LFI) via a vulnerable AJAX endpoint. It uses PHP filter chains to bypass restrictions and execute arbitrary commands.

Description

The Extensive VC Addons for WPBakery page builder WordPress plugin before 1.9.1 does not validate a parameter passed to the php extract function when loading templates, allowing an unauthenticated attacker to override the template path to read arbitrary files from the hosts file system. This may be escalated to RCE using PHP filter chains.

Exploits (3)

exploitdb WORKING POC
by Ravina · pythonwebappsphp
https://www.exploit-db.com/exploits/52085

This exploit targets CVE-2023-0159 in Extensive VC Addons for WPBakery Page Builder < 1.9.1, allowing unauthenticated remote code execution (RCE) and local file inclusion (LFI) via a vulnerable AJAX endpoint. It uses PHP filter chains to bypass restrictions and execute arbitrary commands.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Extensive VC Addons for WPBakery Page Builder < 1.9.1
No auth needed
Prerequisites: Target must have Extensive VC Addons for WPBakery Page Builder < 1.9.1 installed · PHP filter chains must be supported on the target system
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec SCANNER 2 stars
by im-hanzou · remote
https://github.com/im-hanzou/EVCer

This repository contains a bash script that automates the checking of CVE-2023-0159, an unauthenticated Local File Inclusion (LFI) vulnerability in Extensive VC Addons for WPBakery page builder. The script uses GNU Parallel to test multiple targets concurrently by sending a crafted HTTP request to the vulnerable endpoint.

Classification
Scanner 95%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Extensive VC Addons for WPBakery page builder < 1.9.1
No auth needed
Prerequisites: GNU Parallel installed · List of target URLs
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC
by Sn20393873 · poc
https://github.com/Sn20393873/Extensive

This repository contains a proof-of-concept for CVE-2023-0159, demonstrating stack trace parsing and manipulation in Node.js. The code includes tests for parsing stack traces and handling long stack traces, which could be used to exploit vulnerabilities in error handling or logging mechanisms.

Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Moderate
Reliability
Reliable
Target: Node.js applications using stack-trace module
No auth needed
Prerequisites: Node.js environment · Access to execute JavaScript code
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (1)

Extensive VC Addons for WPBakery page builder < 1.9.1 - Unauthenticated RCE
HIGHby c4sper0
Shodan: http.html:/wp-content/plugins/extensive-vc-addon/
FOFA: body=/wp-content/plugins/extensive-vc-addon/

References (1)

Core 1
Core References
Exploit, Third Party Advisory exploit vdb-entry technical-description
https://wpscan.com/vulnerability/239ea870-66e5-4754-952e-74d4dd60b809

Scores

CVSS v3 7.5
EPSS 0.5574
EPSS Percentile 98.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

VulnCheck KEV 2025-08-17
Status published
Products (1)
wprealize/extensive_vc_addons_for_wpbakery_page_builder < 1.9.1
Published Feb 13, 2023
Tracked Since Feb 18, 2026