EIP-2026-113918
PRE-CVEWordPress Plugin N-Media Website Contact Form with File Upload 1.5 - Local File Inclusion
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-113918. PoCs published by T3N38R15.
AI-analyzed exploit summary The exploit describes a Local File Inclusion (LFI) vulnerability in the WordPress plugin 'website contact form with file upload' version 1.5. The vulnerability arises from improper file inclusion in the 'image-processor.php' file, allowing an attacker to include arbitrary PHP files on the system via path traversal.
Description
WordPress Plugin N-Media Website Contact Form with File Upload 1.5 - Local File Inclusion
Exploits (1)
The exploit describes a Local File Inclusion (LFI) vulnerability in the WordPress plugin 'website contact form with file upload' version 1.5. The vulnerability arises from improper file inclusion in the 'image-processor.php' file, allowing an attacker to include arbitrary PHP files on the system via path traversal.