EIP-2026-114318

PRE-CVE

WordPress Theme Daily Deal - Arbitrary File Upload

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-114318. PoCs published by DevilScreaM.

AI-analyzed exploit summary The provided text describes a file upload vulnerability in the Daily Deal WordPress theme, allowing arbitrary file uploads due to insufficient input sanitization. This could lead to remote code execution (RCE) if an attacker uploads malicious files.

Description

WordPress Theme Daily Deal - Arbitrary File Upload

Exploits (1)

exploitdb WRITEUP VERIFIED

by DevilScreaM · textwebappsphp

https://www.exploit-db.com/exploits/38811

View Code ZIP pw:eip

The provided text describes a file upload vulnerability in the Daily Deal WordPress theme, allowing arbitrary file uploads due to insufficient input sanitization. This could lead to remote code execution (RCE) if an attacker uploads malicious files.

Classification

Writeup 80%

Attack Type

Rce

Complexity

Trivial

Reliability

Theoretical

Target: Daily Deal WordPress theme (version unspecified)

No auth needed

Prerequisites: Access to the vulnerable upload endpoint

MITRE ATT&CK

T1105 - Ingress Tool Transfer T1204 - User Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026