CVE-2026-57790
Received Received - Intake

Improper File Inclusion in Billey WordPress Theme

Vulnerability report for CVE-2026-57790, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-13

Last updated on: 2026-07-13

Assigner: Patchstack

Description

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Billey billey allows PHP Local File Inclusion.This issue affects Billey: from n/a through <= 2.1.8.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-13
Last Modified
2026-07-13
Generated
2026-07-13
AI Q&A
2026-07-13
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
thememove billey to 2.1.8 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-98 The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

The WordPress Billey Theme, specifically versions up to and including 2.1.8, contains a Local File Inclusion (LFI) vulnerability. This flaw allows an attacker to include local files from the target website through improper control of filename parameters in PHP include or require statements. Exploiting this vulnerability can expose sensitive data such as database credentials.

The vulnerability is classified under OWASP A3: Injection and requires contributor-level privileges to exploit.

Impact Analysis

Exploiting this Local File Inclusion vulnerability can lead to exposure of sensitive information like database credentials. Depending on the server configuration, this could escalate to a full database takeover.

The vulnerability has a CVSS score of 7.5, indicating a moderate risk, and while considered low severity, it can be exploited in mass campaigns targeting many websites.

Immediate action such as updating the theme or consulting a hosting provider or web developer is recommended to mitigate potential impacts.

Detection Guidance

This vulnerability is a Local File Inclusion (LFI) flaw in the WordPress Billey Theme up to version 2.1.8, which allows attackers to include local files from the target website.

Detection typically involves checking for suspicious requests that attempt to include local files via URL parameters or POST data in the web server logs.

Common detection methods include searching for patterns in web server access logs that contain file inclusion attempts, such as requests with parameters including "../" sequences or references to sensitive files like /etc/passwd.

Example commands to detect such attempts on a Linux system include:

  • grep -i 'include' /var/log/apache2/access.log | grep '\.php'
  • grep -E '\.\./|etc/passwd|php://filter' /var/log/apache2/access.log
  • tail -f /var/log/apache2/access.log | grep -i 'billey'

Additionally, scanning the website files for the vulnerable theme version (<= 2.1.8) can help identify if the vulnerable code is present.

Mitigation Strategies

Immediate mitigation steps include updating the WordPress Billey Theme to a version higher than 2.1.8 if available.

Since no official patch is currently available, it is recommended to seek assistance from your hosting provider or a web developer to apply temporary fixes or workarounds.

Other mitigation measures include restricting file inclusion permissions, disabling remote file inclusion in PHP configurations, and implementing web application firewall (WAF) rules to block suspicious requests.

Monitoring logs for exploitation attempts and limiting contributor-level privileges can also reduce the risk of exploitation.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-57790. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart