EIP-2026-104792

PRE-CVE

WordPress Plugin Responsive Thumbnail Slider - Arbitrary File Upload (Metasploit)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-104792. PoCs published by Metasploit.

AI-analyzed exploit summary This Metasploit module exploits an arbitrary file upload vulnerability in the WordPress Responsive Thumbnail Slider plugin v1.0, allowing authenticated attackers to upload and execute malicious PHP files.

Description

WordPress Plugin Responsive Thumbnail Slider - Arbitrary File Upload (Metasploit)

Exploits (1)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotephp

https://www.exploit-db.com/exploits/45099

View Code ZIP pw:eip

This Metasploit module exploits an arbitrary file upload vulnerability in the WordPress Responsive Thumbnail Slider plugin v1.0, allowing authenticated attackers to upload and execute malicious PHP files.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: WordPress Responsive Thumbnail Slider Plugin v1.0

Auth required

Prerequisites: Valid WordPress credentials · Responsive Thumbnail Slider Plugin v1.0 installed

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1505.003 - Web Shell

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026