Description
WordPress Seotheme contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by uploading malicious files to the theme directory. Attackers can access the uploaded PHP shell at /wp-content/themes/seotheme/mar.php to execute system commands and upload additional files for persistent access.
Published: 2026-06-08
Score: 9.3 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability arises from a flaw in the Seotheme WordPress theme that permits an attacker to upload arbitrary PHP files without authentication. Uploading such a file creates a shell that can be accessed via the theme directory, enabling execution of system commands, file uploads and persistent control over the web server. This level of access compromises confidentiality, integrity and availability of the affected site and the underlying infrastructure.

Affected Systems

The flaw affects installations of the WordPress Seotheme theme within the WP Travel Kit:Travelscape product. No specific version numbers are disclosed in the advisory, so all versions referenced by the vendor should be checked for the patch. The theme is typically found under wp-content/themes/seotheme, and the vulnerability can be exploited by any user with the ability to upload files to that directory.

Risk and Exploitability

The CVSS score of 9.3 indicates critical severity. Exploit probability information (EPSS) is not available, and the issue is not listed in the CISA KEV catalog. The likely attack path is unauthenticated remote exploitation via HTTP uploads; an attacker can freely upload a malicious PHP shell to the theme directory, then use it to run arbitrary code on the host. Because authentication is not required, the exposure is wide and the risk is high.

Generated by OpenCVE AI on June 8, 2026 at 03:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the Seotheme theme to the latest patched release provided by the vendor or remove it entirely.
  • Eliminate any malicious uploads by deleting PHP files from /wp-content/themes/seotheme and scanning the directory for unauthorized changes.
  • Enforce strict file system permissions on the theme directory to prevent write access from non‑trusted users and consider using a web application firewall to block suspicious uploads.

Generated by OpenCVE AI on June 8, 2026 at 03:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 09 Jun 2026 09:15:00 +0000

Type Values Removed Values Added
First Time appeared Wordpress
Wordpress wordpress
Wp Travel Kit
Wp Travel Kit travelscape
Vendors & Products Wordpress
Wordpress wordpress
Wp Travel Kit
Wp Travel Kit travelscape

Mon, 08 Jun 2026 17:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 08 Jun 2026 02:00:00 +0000

Type Values Removed Values Added
Description WordPress Seotheme contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by uploading malicious files to the theme directory. Attackers can access the uploaded PHP shell at /wp-content/themes/seotheme/mar.php to execute system commands and upload additional files for persistent access.
Title WordPress Seotheme Remote Code Execution Unauthenticated
Weaknesses CWE-306
References
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Wordpress Wordpress
Wp Travel Kit Travelscape
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-08T16:32:49.210Z

Reserved: 2026-01-10T01:51:52.987Z

Link: CVE-2023-54352

cve-icon Vulnrichment

Updated: 2026-06-08T13:20:09.672Z

cve-icon NVD

Status : Deferred

Published: 2026-06-08T02:16:23.107

Modified: 2026-06-08T14:59:44.750

Link: CVE-2023-54352

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-09T08:57:41Z

Weaknesses
  • CWE-306

    Missing Authentication for Critical Function