CVE-2026-57796
Received Received - Intake

BaseFortify

Vulnerability report for CVE-2026-57796, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-13

Last updated on: 2026-07-13

Assigner: Patchstack

Description

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in VLThemes Leedo leedo allows PHP Local File Inclusion.This issue affects Leedo: from n/a through <= 3.0.0.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-13
Last Modified
2026-07-13
Generated
2026-07-13
AI Q&A
2026-07-13
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
vlthemes leedo to 3.0.0 (inc)
vlthemes leedo 3.0.0

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-98 The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is a Local File Inclusion (LFI) issue in the WordPress Leedo Theme versions 3.0.0 and below. It allows attackers to manipulate the filename used in include or require statements in PHP, enabling them to include and display local files from the target website.

By exploiting this flaw, an attacker can potentially access sensitive files on the server, such as configuration files or database credentials, if the server's configuration permits.

The vulnerability is classified under OWASP Top 10 category A3: Injection and has a CVSS v3.1 base score of 7.5, indicating a moderate severity.

Impact Analysis

Exploitation of this vulnerability can lead to unauthorized disclosure of sensitive information stored on the server, such as database credentials or configuration files.

This exposure can facilitate further attacks, including data breaches, website defacement, or unauthorized access to backend systems.

Although the risk of exploitation is considered low, such vulnerabilities are often targeted in mass-exploit campaigns, increasing the likelihood of attack.

Detection Guidance

The vulnerability is a Local File Inclusion (LFI) issue in the WordPress Leedo Theme versions 3.0.0 and below, which allows attackers to include and display local files from the target website.

To detect this vulnerability on your system, you can check if your WordPress installation is using the Leedo theme version 3.0.0 or below.

You can also monitor web server logs for suspicious requests attempting to include local files, such as requests containing patterns like "../../" or attempts to access sensitive files.

Specific commands to help detect potential exploitation attempts include:

  • Using grep to search web server access logs for suspicious patterns: grep -E "(\.{2}/|etc/passwd|boot.ini)" /var/log/apache2/access.log
  • Using curl or wget to test if the theme is vulnerable by attempting to include a local file via URL parameters (only on a test environment): curl "http://yourwebsite.com/?page=../../../../etc/passwd"

Note that no official detection scripts or patches are currently available, so manual inspection and monitoring are recommended.

Mitigation Strategies

Immediate mitigation steps include:

  • Update the Leedo theme to a version higher than 3.0.0 if and when an official patch or update becomes available.
  • If no patch is available, consider temporarily disabling the Leedo theme or switching to a different theme to prevent exploitation.
  • Seek assistance from your hosting provider or a developer to implement custom fixes or workarounds.
  • Monitor your web server logs for suspicious activity indicating attempts to exploit the vulnerability.

Since the vulnerability allows local file inclusion, restricting file permissions and hardening your server configuration can also help reduce risk.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-57796. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart