CVE-2026-1557

HIGH EXPLOITED NUCLEI

WP Responsive Images <=1.0 - Path Traversal


Exploitation Summary

CVE-2026-1557 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including Sechunt3r. A Nuclei detection template is also available.

AI-analyzed exploit summary: The repository contains a functional exploit for CVE-2026-1557, demonstrating a path traversal vulnerability in the WP Responsive Images WordPress plugin (version <= 1.0). The exploit allows unauthenticated attackers to read arbitrary files on the server via the 'src' parameter in the image_handler.php script.

Description

The WP Responsive Images plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.0 via the 'src' parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information.

Exploits (1)

github WORKING POC
by Sechunt3r · shellpoc
https://github.com/Sechunt3r/CVE-POCs/tree/main/CVE-2026-1557

Classification: Working Poc 100%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: WP Responsive Images WordPress plugin <= 1.0
No auth needed
Prerequisites: Target must have the vulnerable WP Responsive Images plugin installed and accessible
devstral-2 · analyzed Mar 12, 2026

Nuclei Templates (1)

WP Responsive Images <= 1.0 - Arbitrary File Read
HIGH · VERIFIED · by Shivam Kamboj

Scores

CVSS v3 7.5
EPSS 0.2889
EPSS Percentile 96.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

VulnCheck KEV 2026-04-02
CWE CWE-22
Status published
Products (1)
stuartbates/WP Responsive Images < 1.0
Published Feb 26, 2026
Tracked Since Feb 26, 2026