Impact
The vulnerability in WordPress Tipsy theme versions 1.1 and earlier allows an unauthenticated attacker to trigger a local file inclusion (LFI). By manipulating the theme’s internal file path handling, an attacker can read arbitrary files from the server, including sensitive configuration files or logs that may contain credentials or other private data. If the attacker is able to force the inclusion of a PHP file that contains malicious code, the LFI could be leveraged as a foothold for remote code execution, potentially leading to full compromise of the site.
Affected Systems
Any WordPress installation that has the ThemeREX Tipsy theme of version 1.1 or lower. The weakness is confined to this theme’s file handling logic and does not affect other WordPress core files or plugins unless they import the same vulnerable components.
Risk and Exploitability
The CVSS score of 8.1 indicates a high severity for this LFI. While an EPSS score is not available, the vulnerability is not listed in the CISA KEV catalog, suggesting that there are currently no known widespread exploits. Nevertheless, the attack vector is effectively anyone with access to the web interface, and the vulnerability can be exploited without authentication. The lack of detected exploits does not reduce the risk because the LFI is easy to trigger once the vulnerable theme is installed.
OpenCVE Enrichment