CVE-2026-27065
PHP Local File Inclusion Vulnerability in BuilderPress
Publication date: 2026-03-19
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| thimpress | builderpress | up to and including 2.0.1 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-98 | The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-27065 is a Local File Inclusion (LFI) vulnerability found in the WordPress BuilderPress plugin versions up to and including 2.0.1.
This vulnerability allows unauthenticated attackers to include and display local files from the target website by exploiting improper control of filename parameters in PHP include/require statements.
As a result, attackers can potentially access sensitive information stored in local files, such as database credentials.
How can this vulnerability impact me?
Exploiting this vulnerability can lead to exposure of sensitive information like database credentials.
With these credentials, an attacker could potentially take over the entire database depending on the website's configuration.
The vulnerability has a very high severity score of 9.8, indicating it is highly dangerous and likely to be exploited in widespread attacks. [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The CVE-2026-27065 vulnerability is a Local File Inclusion (LFI) flaw in the WordPress BuilderPress plugin that allows unauthenticated attackers to include and display local files from the target website.
Detection typically involves monitoring for unusual HTTP requests attempting to include local files or scanning the plugin files for vulnerable code patterns.
Since no official patch is available yet, using the mitigation rule provided by Patchstack can help block exploitation attempts.
Specific commands are not provided in the available resources.
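The answer above says detection usually means watching HTTP requests for attempts to include local files, but gives no concrete logic. The following is an added example, not code from this page, from Patchstack, or from the BuilderPress project. It scans web-server access log lines (constructed here, in combined log format) for generic CWE-98 indicators in query parameters: parent-directory traversal, PHP stream wrappers, null bytes and well-known sensitive paths. The endpoint and parameter names in the sample lines (`example-plugin/view.php`, `tpl`, `page`) are hypothetical; the indicator list is a general LFI heuristic, not a signature for the specific CVE-2026-27065 parameter, which this page does not name.

```python
"""Flag access-log requests that carry local-file-inclusion indicators.

Added example (not code from the page, Patchstack or BuilderPress). The log
lines below are constructed; the plugin path and parameter names in them are
hypothetical, and the indicator list is a generic CWE-98 heuristic.
"""
from __future__ import annotations

import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Constructed sample lines in Apache/nginx "combined" format.
SAMPLE_LOG = """\
203.0.113.10 - - [19/Mar/2026:10:00:01 +0000] "GET /wp-content/plugins/example-plugin/view.php?tpl=../../../../etc/passwd HTTP/1.1" 200 1843 "-" "curl/8.0"
203.0.113.11 - - [19/Mar/2026:10:00:02 +0000] "GET /wp-content/plugins/example-plugin/view.php?tpl=..%2F..%2Fwp-config.php HTTP/1.1" 200 2310 "-" "python-requests/2.31"
198.51.100.7 - - [19/Mar/2026:10:00:03 +0000] "GET /?p=42 HTTP/1.1" 200 9172 "-" "Mozilla/5.0"
203.0.113.12 - - [19/Mar/2026:10:00:04 +0000] "GET /index.php?page=php://filter/convert.base64-encode/resource=wp-config.php HTTP/1.1" 200 3001 "-" "curl/8.0"
198.51.100.8 - - [19/Mar/2026:10:00:05 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
"""

# Minimal combined-log parser: client IP, timestamp, method, request target, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)

# Generic LFI indicators evaluated against each decoded query-parameter value.
INDICATORS = [
    ("parent-dir traversal", re.compile(r"(\.\./|\.\.\\)")),
    ("php stream wrapper", re.compile(r"^(php|expect|phar|zip|file)://|^data:", re.I)),
    ("null byte", re.compile(r"\x00")),
    ("sensitive local path", re.compile(r"(/etc/passwd|/proc/self/|wp-config\.php)", re.I)),
]


def decode_value(raw: str) -> str:
    """Decode twice so double-encoded payloads (e.g. %252e%252e) normalise too.

    parse_qsl already decoded once; these extra passes are harmless on plain text.
    """
    return unquote(unquote(raw))


def classify_request(target: str) -> list[tuple[str, str, str]]:
    """Return (param, indicator, decoded_value) for every suspicious query parameter."""
    query = urlsplit(target).query
    hits: list[tuple[str, str, str]] = []
    for name, value in parse_qsl(query, keep_blank_values=True):
        decoded = decode_value(value)
        for label, pattern in INDICATORS:
            if pattern.search(decoded):
                hits.append((name, label, decoded))
    return hits


def scan_log(text: str) -> list[dict]:
    """Parse each line and report requests carrying at least one LFI indicator."""
    alerts = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a well-formed combined-log line
        hits = classify_request(m["target"])
        if hits:
            alerts.append({
                "ip": m["ip"],
                "ts": m["ts"],
                "status": int(m["status"]),
                "target": m["target"],
                "params": sorted({name for name, _, _ in hits}),
                "indicators": sorted({label for _, label, _ in hits}),
            })
    return alerts


if __name__ == "__main__":
    for alert in scan_log(SAMPLE_LOG):
        print(f'{alert["ts"]} {alert["ip"]} status={alert["status"]} '
              f'params={alert["params"]} indicators={alert["indicators"]}')
```

A 200 status on a flagged request is the case worth triaging first, since it suggests the include actually resolved; a 404 or 403 more often means the attempt was blocked or mis-aimed. Pair this with a WAF or the Patchstack mitigation rule the page mentions rather than relying on log review alone, because the heuristic will miss encodings it does not normalise.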
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include updating the BuilderPress plugin to the latest version if an update becomes available.
Since no official patch is currently available, applying the mitigation rule issued by Patchstack can block attacks exploiting this flaw.
Users are strongly advised to seek assistance from their hosting provider or web developer if updating the plugin is not possible.