{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-1557", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2026-01-28T17:23:50.112Z", "datePublished": "2026-02-26T01:24:14.199Z", "dateUpdated": "2026-04-08T16:41:46.877Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:41:46.877Z"}, "affected": [{"vendor": "stuartbates", "product": "WP Responsive Images", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The WP Responsive Images plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.0 via the 'src' parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information."}], "title": "WP Responsive Images <= 1.0 - Unauthenticated Path Traversal to Arbitrary File Read via src", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/22c6f81b-d456-44b9-ba6c-8b207a9ee6e1?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-responsive-images/trunk/SBOutputFile.php#L33"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-responsive-images/trunk/image_handler.php#L28"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-responsive-images/tags/1.0/image_handler.php#L28"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-responsive-images/trunk/WPResponsiveImages.php#L265"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-responsive-images/tags/1.0/WPResponsiveImages.php#L265"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-responsive-images/tags/1.0/SBOutputFile.php#L33"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "cweId": "CWE-22", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 7.5, "baseSeverity": "HIGH"}}], "credits": [{"lang": "en", "type": "finder", "value": "Muhammad Yudha - DJ"}], "timeline": [{"time": "2026-02-25T12:50:15.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-26T15:30:56.675604Z", "id": "CVE-2026-1557", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-26T15:31:50.388Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-1557", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-26T15:30:56.675604Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-26T15:31:29.754Z"}}], "cna": {"title": "WP Responsive Images <= 1.0 - Unauthenticated Path Traversal to Arbitrary File Read via src", "credits": [{"lang": "en", "type": "finder", "value": "Muhammad Yudha - DJ"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}}], "affected": [{"vendor": "stuartbates", "product": "WP Responsive Images", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.0"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2026-02-25T12:50:15.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/22c6f81b-d456-44b9-ba6c-8b207a9ee6e1?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-responsive-images/trunk/SBOutputFile.php#L33"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-responsive-images/trunk/image_handler.php#L28"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-responsive-images/tags/1.0/image_handler.php#L28"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-responsive-images/trunk/WPResponsiveImages.php#L265"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-responsive-images/tags/1.0/WPResponsiveImages.php#L265"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-responsive-images/tags/1.0/SBOutputFile.php#L33"}], "descriptions": [{"lang": "en", "value": "The WP Responsive Images plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.0 via the 'src' parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:41:46.877Z"}}}, "cveMetadata": {"cveId": "CVE-2026-1557", "state": "PUBLISHED", "dateUpdated": "2026-04-08T16:41:46.877Z", "dateReserved": "2026-01-28T17:23:50.112Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2026-02-26T01:24:14.199Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The WP Responsive Images plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.0 via the 'src' parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information."}, {"lang": "es", "value": "El plugin WP Responsive Images para WordPress es vulnerable a salto de ruta en todas las versiones hasta la 1.0, inclusive, a trav\u00e9s del par\u00e1metro 'src'. Esto permite a atacantes no autenticados leer el contenido de archivos arbitrarios en el servidor, que pueden contener informaci\u00f3n sensible."}], "id": "CVE-2026-1557", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2026-02-26T02:16:19.990", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/wp-responsive-images/tags/1.0/SBOutputFile.php#L33"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/wp-responsive-images/tags/1.0/WPResponsiveImages.php#L265"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/wp-responsive-images/tags/1.0/image_handler.php#L28"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/wp-responsive-images/trunk/SBOutputFile.php#L33"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/wp-responsive-images/trunk/WPResponsiveImages.php#L265"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/wp-responsive-images/trunk/image_handler.php#L28"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/22c6f81b-d456-44b9-ba6c-8b207a9ee6e1?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.0]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "WP Responsive Images", "source": "cna", "vendor": "stuartbates"}, "product": "wp_responsive_images", "vendor": "stuartbates"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-21T23:40:46.515100+00:00", "value": {"mitigation_remediation": ["Update WP Responsive Images to the latest available version or remove the plugin if it is no longer needed.", "If an update is not possible immediately, temporarily disable the plugin or comment out the file\u2011retrieval code to prevent arbitrary file reads.", "Ensure the web server\u2019s file system permissions restrict read access to critical directories (e.g., configuration, user uploads) so that even if the flaw is exploited, sensitive files remain inaccessible."], "summary": {"action": "Patch", "impact": "Arbitrary File Read"}, "threat_synthesis": {"affected_systems": "The affected product is the WP Responsive Images plugin developed by Stuart Bates. All released versions up to and including 1.0 are vulnerable. Users running WordPress with this plugin installed on any version of the plugin in the 1.0 series are impacted.", "description_and_impact": "The vulnerability resides in the WP Responsive Images WordPress plugin and allows an unauthenticated attacker to provide a crafted 'src' parameter that triggers a Path Traversal flaw (CWE\u201122). This flaw enables reading the contents of arbitrary files on the hosting server, potentially exposing sensitive information such as configuration files, credentials, or source code. The impact is a confidentiality breach; there is no direct evidence of code execution, denial of service, or other secondary effects in the provided data.", "risk_and_exploitability": "The CVSS score is 7.5, reflecting a high severity for confidentiality loss. The EPSS score of 28% indicates a relatively high probability of exploitation in practice. The vulnerability is not listed in the CISA KEV catalog. Attackers can trigger the flaw by sending a web request containing an arbitrary 'src' value, and no authentication is required. The exploit path is straightforward via standard HTTP request manipulation."}}}}, "created": "2026-02-26T13:10:04.307164+00:00", "updated": "2026-04-21T23:45:02.973189+00:00", "vendors": ["stuartbates", "stuartbates$PRODUCT$wp_responsive_images", "wordpress", "wordpress$PRODUCT$wordpress"]}