Primary

Context

EPC AI Hub WordPress Theme Unrestricted File Upload Vulnerability Allowing Web Shells

Vulnerability

A vulnerability allowing unrestricted file uploads has been identified in the EPC AI Hub WordPress theme, affecting versions through 1.3.3. This flaw enables users to upload web shells to the server, potentially leading to unauthorized access and execution of malicious scripts.

Impact

Exploitation of this vulnerability could allow for arbitrary file uploads, including web shells that could be executed on the server to gain further access or control.

Remediation

Users of the EPC AI Hub WordPress theme are advised to update to a version beyond 1.3.3, as no official fix is currently available. However, Patchstack has issued a virtual patch that can be applied to mitigate this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

EPC AI Hub WordPress Theme Unrestricted File Upload Vulnerability Allowing Web Shells

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating