EIP-2026-113491

PRE-CVE

WordPress Core 1.5.1.1 < 2.2.2 - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-113491. PoCs published by Lance M. Havok.

AI-analyzed exploit summary This Ruby script is a functional exploit tool targeting WordPress installations, specifically designed to fingerprint versions and exploit vulnerabilities in WordPress 2.2.2 and earlier. It includes multiple techniques for version detection and potential exploitation, with covertness features to minimize noise.

Description

WordPress Core 1.5.1.1 < 2.2.2 - Multiple Vulnerabilities

Exploits (1)

exploitdb WORKING POC VERIFIED

by Lance M. Havok · rubywebappsphp

https://www.exploit-db.com/exploits/4397

View Code ZIP pw:eip

This Ruby script is a functional exploit tool targeting WordPress installations, specifically designed to fingerprint versions and exploit vulnerabilities in WordPress 2.2.2 and earlier. It includes multiple techniques for version detection and potential exploitation, with covertness features to minimize noise.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: WordPress <= 2.2.2

No auth needed

Prerequisites: Target URL with WordPress installation · Network access to the target

MITRE ATT&CK

T1592 - Gather Victim Host Information T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026