EIP-2026-113999
PRE-CVEWordPress Plugin Really Simple Guest Post 1.0.6 - Local File Inclusion
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-113999. PoCs published by Kuroi'SH.
AI-analyzed exploit summary The exploit demonstrates a file inclusion vulnerability in WordPress Really Simple Guest Post plugin (v<=1.0.6) via the 'rootpath' POST parameter, allowing arbitrary file reads (e.g., /etc/passwd). The PoC uses curl to send a crafted POST request to the vulnerable endpoint.
Description
WordPress Plugin Really Simple Guest Post 1.0.6 - Local File Inclusion
Exploits (1)
The exploit demonstrates a file inclusion vulnerability in WordPress Really Simple Guest Post plugin (v<=1.0.6) via the 'rootpath' POST parameter, allowing arbitrary file reads (e.g., /etc/passwd). The PoC uses curl to send a crafted POST request to the vulnerable endpoint.