Primary

Context

Zozothemes Wiguard WordPress Theme Arbitrary File Upload Vulnerability

Vulnerability

An arbitrary file upload vulnerability has been identified in the Zozothemes Wiguard WordPress theme, affecting versions prior to 2.0.1. This vulnerability allows users to upload files of any type, including potentially malicious files such as web shells, which could be executed on the server to gain unauthorized access or control.

Impact

Exploitation of this vulnerability could lead to the upload of malicious files, such as backdoors, which could be executed to gain further access to the website.

Remediation

Users are advised to update to version 2.0.1 or later. Patchstack has also issued a mitigation rule to block attacks until the update is applied.

Added: Feb 20, 2026, 5:04 PM

Updated: Feb 20, 2026, 5:04 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

5.2

remediation

0.0

relevance

3.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

5.2

remediation

0.0

relevance

3.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Zozothemes Wiguard WordPress Theme Arbitrary File Upload Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating