VYPR
Unrated severity · NVD Advisory · Published Jun 16, 2026

WordPress Geya theme <= 1.15 - Local File Inclusion vulnerability

CVE-2025-58924

Description

Unauthenticated local file inclusion in Geya WordPress theme <=1.15 allows attackers to read sensitive files, potentially leading to database takeover.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

The Geya WordPress theme versions up to and including 1.15 contain an unauthenticated local file inclusion vulnerability [1]. The flaw resides in a file inclusion mechanism that fails to properly sanitize user-supplied input, allowing an attacker to include arbitrary local files without authentication.

Exploitation

An unauthenticated attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable endpoint, specifying a path to a local file. No authentication or user interaction is required, making it suitable for mass-exploitation campaigns [1].

Impact

Successful exploitation allows an attacker to read arbitrary files from the server, including sensitive files such as wp-config.php which contains database credentials. This can lead to complete database compromise and further server-side attacks [1].

Mitigation

The vendor has not yet released a patched version. Users are advised to update the Geya theme to the latest available version as soon as a fix is released. In the meantime, consider implementing web application firewall rules to block malicious file inclusion attempts. Given the active exploitation risk, immediate action is recommended [1].
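The page has no source context for the Geya flaw, so the following is an added illustration of the vulnerability class rather than the theme's own code or fix. It shows the hardening a theme author would apply where a request parameter selects a template to include: constrain the name to a strict allowlist pattern, then confirm the canonicalised path stays inside the theme's template directory. The function name, the `templates/` subdirectory and the `template` query parameter are assumptions for the example.

```php
<?php
// Added example, not code from the Geya theme or from this advisory.
// Demonstrates safe resolution of a user-chosen template name before include().
// The unsafe textbook form is `include $_GET['template'];`, which lets a caller
// name any readable file on the server (the local file inclusion class).

/**
 * Resolve a requested template name to a file inside $base_dir, or return null.
 * Assumes templates live as "<name>.php" directly under $base_dir (assumption).
 */
function example_resolve_template(string $requested, string $base_dir): ?string
{
    // 1. Allowlist the shape of the name: letters, digits, dash, underscore only.
    //    This rejects "../" sequences, NUL bytes, absolute paths and stream
    //    wrappers such as php:// before any filesystem call happens.
    if (!preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $requested)) {
        return null;
    }

    // 2. Canonicalise both sides and require the candidate to sit below the base.
    $base = realpath($base_dir);
    $candidate = realpath($base_dir . DIRECTORY_SEPARATOR . $requested . '.php');
    if ($base === false || $candidate === false) {
        return null; // base missing or template does not exist
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($candidate, $prefix, strlen($prefix)) !== 0) {
        return null; // resolved outside the template directory (e.g. via a symlink)
    }
    return $candidate;
}

// Include site: fail closed with a 404 instead of including whatever was asked for.
$template = example_resolve_template($_GET['template'] ?? 'default', __DIR__ . '/templates');
if ($template === null) {
    http_response_code(404);
    exit;
}
include $template;
```

The two checks are deliberately redundant: the pattern check stops traversal and wrapper tricks cheaply, and the `realpath` containment check catches anything the pattern did not anticipate, such as a symlink inside `templates/` that points elsewhere. A WAF rule blocking `../` or `wp-config.php` in request parameters, as the mitigation above suggests, is a useful stopgap but does not replace this code-level fix.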

AI Insight generated on Jun 17, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 1

Patches: 0

No patches discovered yet.

Vulnerability mechanics

No source-code context is available for this CVE — this section is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References: 1

News mentions: 1