CVE-2026-52707: WordPress Kastell theme <= 2.0 - Local File Inclusion vulnerability
Unauthenticated Local File Inclusion in Kastell <= 2.0 versions.
Metrics
- CVSS v3.1
- 8.1
- Severity
- HIGH
- Fixed in
- —
- Affected Products
- 1
HarborGuard Analysis
Synopsis
A local file inclusion vulnerability affects the Kastell WordPress theme at version 2.0 and below. The flaw is reachable over the network without any authentication, though exploitation requires overcoming environmental conditions tied to high attack complexity. A successful attacker can read arbitrary files from the server, modify data, and crash the affected service. No upstream patch has been published yet; HarborGuard tracks the advisory for patch availability.
HarborGuard Coverage
Detection is available across every HarborGuard environment: the CVE is ingested from upstream feeds, including Patchstack, within minutes of publication and matched against customer images in registries and CI pipelines. Coverage extends to custom-built images that bundle the Kastell theme directly.
AvailableHarborGuard scores this finding at CVSS 8.1 HIGH using the recorded v3.1 vector and applies per-environment compliance policy weighting to determine priority and routing. Triage alerts are directed to the appropriate team inbox within each customer organization based on configured ownership rules.
AvailableBecause no fix version has been published, HarborGuard re-checks the advisory on every ingest cycle and will make a patched-image rebuild available the moment the upstream maintainer ships a remediated release. For customers with auto-remediation enabled, a rebuild, regression run, and PR against affected workloads will be triggered automatically at that point.
Pending upstreamExploit Conditions
- Network reachabilityRequired
The vulnerable theme endpoint is exposed over the network, so an attacker must be able to reach the WordPress installation via HTTP or HTTPS.
- AuthenticationNot required
No account or session credential is needed; the vulnerability is exploitable by any unauthenticated request.
- Victim interactionNot required
No user action is required; the attacker sends crafted requests directly to the server without involving any logged-in user.
- Attack complexityDetail
Attack complexity is rated High, meaning the attacker must satisfy specific environmental conditions or timing constraints beyond simple request crafting, such as particular server configurations or path traversal prerequisites.
Blast Radius
- Reads arbitrary files from the server filesystem, including WordPress configuration files containing database credentials and secret keys.
- Reads sensitive operating system files such as /etc/passwd or application secrets stored outside the web root.
- Depending on server configuration, may enable writing or overwriting files on the server, altering application behavior or injecting malicious code.
- Can destabilize or crash the affected service if critical runtime files are corrupted or overwritten during exploitation.
How HarborGuard Handles This
Available on HarborGuard: this CVE is actively tracked with no upstream patch currently available. For images containing Kastell theme versions 2.0 and below, HarborGuard flags the finding at HIGH severity and routes it according to each environment's compliance policy. As compensating controls, customers can apply network-policy isolation to restrict inbound HTTP traffic to trusted sources, add egress filtering to limit what the web process can read from the filesystem at the container level, and consider feature-flag gating or removal of the affected theme until a patch is available. HarborGuard re-evaluates the advisory on every ingest cycle; for customers with auto-remediation enabled, a patched-image rebuild, regression test run, and PR against affected workloads will be triggered automatically as soon as the upstream maintainer publishes a fix.
- Mikado-Themes / Kastell≤ 2.0
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H