CVE-2026-1557
Published 2026-02-26
Priority: P180 · high · 7.5 (CVSS 3.1)
CVSS 3.1 vector: AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:N / A:N
Tags: ITW · Exploit · VulnCheck KEV
Exploited in the wild
EPSS: 1.72% (74.6th percentile)
The WP Responsive Images plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.0 via the 'src' parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| stuartbates | wp_responsive_images | <= 1.0 | — |
Detection & IOCs (extracted from sources)
- Detect unauthenticated GET requests to image_handler.php with a 'src' parameter containing path traversal sequences or absolute paths (e.g., /wp-config.php). A successful exploit response body will contain both 'DB_NAME' and 'DB_PASSWORD'.
- Response body containing both 'DB_NAME' and 'DB_PASSWORD' strings indicates successful arbitrary file read of wp-config.php via this vulnerability.
- The vulnerable parameter is 'src' in the image_handler.php script of the WP Responsive Images plugin (versions <= 1.0). No authentication is required to exploit this path traversal.
- The Nuclei template matcher accepts HTTP 200 OR 403 status codes as a match condition, meaning a 403 response alone does not confirm exploitation: body content ('DB_NAME' and 'DB_PASSWORD') must also be present to confirm a true positive.
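The detection logic in the bullets above, as an added example that is not part of the original page or of any Nuclei template: a Python scan over constructed web-server access-log lines that flags requests to image_handler.php whose 'src' value decodes to a '..' traversal or an absolute path, plus a response check that mirrors the matcher caveat (a 200 or 403 only counts when the body carries both DB_NAME and DB_PASSWORD). The plugin directory /wp-content/plugins/wp-responsive-images/ in the sample lines is assumed from the plugin slug; the log lines themselves are invented for this example.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed sample access-log lines in Apache/Nginx "combined" format.
# Invented for this example; the plugin directory is assumed from the slug.
SAMPLE_LOG = """\
203.0.113.5 - - [26/Feb/2026:10:01:02 +0000] "GET /wp-content/plugins/wp-responsive-images/image_handler.php?src=../../../../wp-config.php HTTP/1.1" 200 3120 "-" "curl/8.5.0"
203.0.113.5 - - [26/Feb/2026:10:01:03 +0000] "GET /wp-content/plugins/wp-responsive-images/image_handler.php?src=%2e%2e%2f%2e%2e%2fwp-config.php HTTP/1.1" 403 199 "-" "curl/8.5.0"
198.51.100.7 - - [26/Feb/2026:10:02:10 +0000] "GET /wp-content/plugins/wp-responsive-images/image_handler.php?src=/etc/passwd HTTP/1.1" 200 1800 "-" "python-requests/2.31"
192.0.2.9 - - [26/Feb/2026:10:03:00 +0000] "GET /wp-content/plugins/wp-responsive-images/image_handler.php?src=uploads/2026/02/hero.jpg HTTP/1.1" 200 48211 "https://example.test/" "Mozilla/5.0"
192.0.2.9 - - [26/Feb/2026:10:03:01 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 51 "-" "Mozilla/5.0"
"""

# ip, ident, user, [timestamp], "METHOD target PROTO", status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)


def decode_src(raw: str) -> str:
    """Percent-decode up to twice so double-encoded traversal (%252e) becomes
    visible, then normalise backslashes so Windows-style '..\\' is checked
    the same way as '../'."""
    s = raw
    for _ in range(2):
        decoded = unquote(s)
        if decoded == s:
            break
        s = decoded
    return s.replace('\\', '/')


def is_suspicious_src(src: str) -> bool:
    """True when the src value points outside a relative image path:
    an absolute Unix or Windows path, or any '..' segment."""
    s = decode_src(src)
    if s.startswith('/') or re.match(r'^[A-Za-z]:/', s):
        return True
    # Bias towards sensitivity: any '..' is flagged, including odd
    # spellings such as '....//' that some filters normalise back to '../'.
    return '..' in s


def scan_log(text: str) -> list:
    """Return one hit per request to image_handler.php whose src looks like
    traversal. The method is recorded rather than filtered: the IOC names GET,
    but the same query string on another method is just as interesting."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m.group('target'))
        if not parts.path.endswith('/image_handler.php'):
            continue
        # parse_qs percent-decodes once; decode_src handles a second layer.
        for src in parse_qs(parts.query).get('src', []):
            if is_suspicious_src(src):
                hits.append({
                    'ip': m.group('ip'),
                    'method': m.group('method'),
                    'src': decode_src(src),
                    'status': int(m.group('status')),
                })
    return hits


def confirms_file_read(status: int, body: str) -> bool:
    """Mirror of the Nuclei matcher described on the page: status 200 or 403
    AND both wp-config.php markers in the body. A 403 on its own is not a hit."""
    return status in (200, 403) and 'DB_NAME' in body and 'DB_PASSWORD' in body


if __name__ == '__main__':
    for h in scan_log(SAMPLE_LOG):
        print(f"{h['ip']} {h['method']} src={h['src']!r} status={h['status']}")
```

The 403 line in the sample is still reported by scan_log, because the request itself is the indicator; confirms_file_read is the separate step for a captured response, so a 403 body that lacks the two markers is classified as a probe, not a read.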
CVSS provenance
NVD · v3.1 · 7.5 HIGH · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
VulnCheck · 7.5 HIGH
GHSA
GHSA-hvcw-qp77-8m24 · ghsa_unreviewed · 2026-02-26 · CVE-2026-1557 [HIGH] · CWE-22
The WP Responsive Images plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.0 via the 'src' parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information.
VulnCheck
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
vulncheck · 2026 · CVE-2026-1557 [HIGH] · CVSS 7.5
Affected: Stuart Bates WP Responsive Images
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://tracker.crowdsec.net/cves/CVE-2026-1557
No detection rules found.
Nuclei
WP Responsive Images <= 1.0 - Arbitrary File Read
nuclei · CVE-2026-1557 [HIGH] · CVSS 7.5
WP Responsive Images plugin for WordPress <= 1.0 contains a path traversal caused by improper sanitization of the 'src' parameter, letting unauthenticated attackers read arbitrary files on the server.
Template:
id: CVE-2026-1557

info:
  name: WP Responsive Images <= 1.0 - Arbitrary File Read
  author: Shivam Kamboj
  severity: high
  description: |
    WP Responsive Images plugin for WordPress <= 1.0 contains a path traversal caused by improper sanitization of the 'src' parameter, letting unauthenticated attackers read arbitrary files on the server.
  impact: |
    Unauthenticated attackers can read arbitrary files, potentially exposing sensitive information.
  remediation: |
    Update to the latest version of WP Responsive Images plugin.
  reference:
    - https://plugins.trac.wordpress.org/browser/wp-responsive-images/tags/1.0/SBOutputFile.php#L33
    - https://plugins.trac.wordpress.org/browser/wp-responsive-images/tags/1.0/WPResponsiveImages.php#L265
    - https://plugins.trac.wordpress.org/browser/wp-responsive-images/tags/1.0/image_handler.php#L28
    - https://plugins.trac.wordpress.org/browser/wp-responsive-images/trunk/SBOutputFile.php#L33
    - https://plugins.trac.wordpress.org/browser/wp-responsive-images/trunk/WPResponsiveImages.php#L265
    - https://plugins.trac.wordpress.org/browser/wp-responsive-images/trunk/image_handler.php#L28
    - https://www.wordfence.com/threat-intel/vulnerabilities/id/22c6f81b-d456-44b9-ba6c-8b207a9ee6e1?source=cve