PHP Remote File Inclusion Vulnerability in Gwolle Guestbook for WordPress
CVE-2015-8351

9CRITICAL

Key Information:

Vendor
Wordpress
Status
Gwolle Guestbook
Vendor
CVE Published:
11 September 2017

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 57%

Summary

A remote file inclusion vulnerability exists in the Gwolle Guestbook plugin versions before 1.5.4 for WordPress. When 'allow_url_include' is enabled, this flaw allows authenticated users to execute arbitrary PHP code via a crafted URL in the 'abspath' parameter of 'frontend/captcha/ajaxresponse.php'. Additionally, the vulnerability allows attackers to exploit directory traversal sequences to include and execute arbitrary local files, posing a severe risk to site integrity and security.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

exploit-CVE-2015-8351
Created by igruntplay

CVE-2015-8351
Created by G01d3nW01f

References

https://wordpress.org/plugins/gwolle-gb/changelog/
x_refsource_CONFIRM
https://www.htbridge.com/advisory/HTB23275
x_refsource_MISC
https://www.exploit-db.com/exploits/38861/
exploitx_refsource_EXPLOIT-DB

EPSS Score

57% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
9
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.