WordPress Especio theme <= 1.0 - Local File Inclusion vulnerability

Vulnerability

The Especio WordPress theme versions 1.0 and below contain an unauthenticated local file inclusion (LFI) vulnerability. The bug resides in the theme's code and can be triggered without any authentication or special configuration. Attackers can exploit this by sending specially crafted requests to include arbitrary local files from the server [1].

Exploitation

An unauthenticated attacker can exploit this vulnerability by sending HTTP requests to the vulnerable endpoint, bypassing any access controls. No previous authentication or user interaction is required. The attack surface is accessible to anyone with network access to the site [1].

Impact

Successful exploitation allows an attacker to read local files, including sensitive configuration files such as wp-config.php that contain database credentials. This could lead to complete database compromise and full site takeover, depending on the server configuration [1].

Mitigation

Users should update the Especio theme to the latest available version. The advisory [1] stresses immediate action due to the high risk and expected mass exploitation. If an update is not possible, users should contact their hosting provider or web developer for assistance. No version beyond 1.0 has been explicitly released as a fix, but the recommendation is to update promptly [1].