EIP-2026-113619

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-113619. PoCs published by Leopoldo Angulo (leoanggal1).

AI-analyzed exploit summary This exploit leverages a Remote File Inclusion (RFI) vulnerability in the WordPress Canto plugin (CVE-2023-3452) by manipulating the 'wp_abspath' parameter to include and execute arbitrary remote code. It sets up a local web server to host a malicious PHP shell and triggers the vulnerability via a crafted HTTP request.

Description

Wordpress Plugin Canto < 3.0.5 - Remote File Inclusion (RFI) and Remote Code Execution (RCE)

Exploits (1)

exploitdb WORKING POC

by Leopoldo Angulo (leoanggal1) · pythonwebappsphp

https://www.exploit-db.com/exploits/51826

View Code ZIP pw:eip

This exploit leverages a Remote File Inclusion (RFI) vulnerability in the WordPress Canto plugin (CVE-2023-3452) by manipulating the 'wp_abspath' parameter to include and execute arbitrary remote code. It sets up a local web server to host a malicious PHP shell and triggers the vulnerability via a crafted HTTP request.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: WordPress Canto Plugin < 3.0.5

No auth needed

Prerequisites: allow_url_include enabled on the target server · network access to the target WordPress site

MITRE ATT&CK

T1189 - Drive-by Compromise T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Wordpress Plugin Canto < 3.0.5 - Remote File Inclusion (RFI) and Remote Code Execution (RCE)

Exploitation Summary

Description

Exploits (1)

Details