Skip to main content

BookPro WordPress Plugin EUVDEUVD-2026-37669

| CVE-2026-27400 HIGH
Path Traversal (CWE-22)
2026-06-17 Patchstack
8.6
CVSS 3.1 · Vendor: Patchstack
Share

Severity by source

Vendor (Patchstack) PRIMARY
8.6 HIGH
AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
vuln.today AI
8.6 HIGH

Unauthenticated network-reachable endpoint with no user interaction; arbitrary file deletion changes scope to WordPress core and yields high availability impact with no direct confidentiality or integrity primitive.

3.1 AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:L/SA:L

Primary rating from Vendor (Patchstack).

CVSS VectorVendor: Patchstack

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
Analysis Generated
Jun 17, 2026 - 12:25 vuln.today

DescriptionCVE.org

Unauthenticated Arbitrary File Deletion in BookPro <= 1.1.0 versions.

AnalysisAI

Unauthenticated arbitrary file deletion in the OvaTheme BookPro WordPress plugin (versions ≤ 1.1.0) allows remote attackers to delete arbitrary files from the underlying server via a path traversal flaw (CWE-22). Deletion of critical files such as wp-config.php can force a WordPress site into the setup state, enabling site takeover, while the scope-changed CVSS 3.1 score of 8.6 (AV:N/AC:L/PR:N/UI:N/S:C/A:H) and Patchstack disclosure mark this as a high-priority issue despite no public exploit being identified at time of analysis.

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Recon
Identify WordPress site running BookPro ≤ 1.1.0
Delivery
Send crafted request with traversal path
Exploit
Plugin resolves path outside intended directory
Install
Unlink() deletes wp-config.php
C2
WordPress enters setup wizard
Execute
Attacker reinstalls pointing to attacker DB
Impact
Full site takeover

Vulnerability AssessmentAI

Exploitation The vulnerable BookPro plugin (OvaTheme ovabookpro, version ≤ 1.1.0) must be installed and active on a network-reachable WordPress site; no authentication, user interaction, or non-default configuration is required (CVSS PR:N/UI:N/AC:L). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Multiple signals point to elevated real-world risk. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An unauthenticated attacker sends a single crafted HTTP request to the vulnerable BookPro endpoint with a file path parameter containing directory-traversal sequences pointing at wp-config.php (or another sensitive file). The plugin invokes its file deletion routine on the resolved path and removes the target; with wp-config.php gone, WordPress redirects visitors to the installation wizard, allowing the attacker to point the site at an attacker-controlled database and seize full administrative control. …
Remediation Patch availability is not explicitly stated in the supplied data - no vendor-released patch identified at time of analysis beyond the Patchstack listing, which should be consulted directly at https://patchstack.com/database/wordpress/plugin/ovabookpro/vulnerability/wordpress-bookpro-plugin-1-1-0-arbitrary-file-deletion-vulnerability for fixed-version confirmation; upgrade to any BookPro release later than 1.1.0 once OvaTheme publishes one. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

24 hours: Immediately deactivate and remove OvaTheme BookPro plugin from all WordPress installations; if removal is not feasible, deploy WAF rules blocking path traversal patterns (../ sequences) targeting plugin and core WordPress directories. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-37669 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy