{"vulnerability": "CVE-2026-7515", "sightings": [{"uuid": "d6b93ed2-1890-437d-9969-f9e138b164e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-7515", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3momy567jwx2t", "content": "BetterDocs Pro \u22643.8.0 hit by CRITICAL LFI (CVE-2026-7515). Unauthenticated attackers can execute PHP code via doc_style. Patch status unknown \u2014 review vendor guidance. https://radar.offseq.com/threat/cve-2026-7515-cwe-98-improper-control-of-filename--18dc28a9a40e8b75 #OffSeq #WordPress #Vulnerabi...", "creation_timestamp": "2026-06-19T09:00:30.792989Z"}, {"uuid": "d22fa33b-074c-418d-a59a-5236456e80ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-7515", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116775952596013865", "content": "CVE-2026-7515 | CRITICAL LFI in BetterDocs Pro \u22643.8.0: Unauthenticated attackers can execute arbitrary PHP via doc_style, risking full server compromise. Patch status unknown \u2014 check vendor. https://radar.offseq.com/threat/cve-2026-7515-cwe-98-improper-control-of-filename--18dc28a9a40e8b75 #OffSeq #WordPress #Vulnerability #CVE20267515", "creation_timestamp": "2026-06-19T09:00:34.027928Z"}, {"uuid": "76f0a1e7-81b1-4889-9efe-90f9d186f8e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-7515", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3motnjzfs262v", "content": "\ud83d\udea8  ALERT: CVE-2026-7515\n\nCVSS 9.8/10\n\n\ud83d\udccb WHAT IT IS:\nThe BetterDocs Pro plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 3.8.0 via the `doc_style` parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary .php files on", "creation_timestamp": "2026-06-22T00:39:28.310248Z"}, {"uuid": "34c1265a-af31-4510-9122-151ff3cb209b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-7515", "type": "seen", "source": "https://t.me/GithubRedTeam/89600", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #RCE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE_2026_7515\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a izxci\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-19 08:11:24\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-7515: BetterDocs Pro &lt;= 3.8.0 - Unauthenticated Local File Inclusion TO RCE EXPLO\u0130T\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-13T22:00:23.322780Z"}, {"uuid": "0a6c2407-d1aa-4d0e-8a14-8bc0cd1fbc7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-7515", "type": "seen", "source": "https://t.me/GithubRedTeam/89519", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #POC #CVE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a By-Poloss..-..CVE-2026-7515-PoC\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Polosss\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-18 19:03:12\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nUnauthenticated Local File Inclusion\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-13T22:00:23.449622Z"}, {"uuid": "0190e796-7e3e-4eba-81e3-41fe76474738", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-7515", "type": "seen", "source": "https://t.me/GithubRedTeam/89600", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #RCE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE_2026_7515\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a izxci\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-19 08:11:24\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-7515: BetterDocs Pro &lt;= 3.8.0 - Unauthenticated Local File Inclusion TO RCE EXPLO\u0130T\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-14T00:00:39.211402Z"}, {"uuid": "6b914901-5b74-483a-8874-c601903b5136", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-7515", "type": "seen", "source": "https://t.me/GithubRedTeam/89519", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #POC #CVE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a By-Poloss..-..CVE-2026-7515-PoC\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Polosss\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-18 19:03:12\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nUnauthenticated Local File Inclusion\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-14T00:00:39.324709Z"}, {"uuid": "8f826105-3770-4289-ab5b-5900038bbc0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-7515", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/89519", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #POC #CVE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a By-Poloss..-..CVE-2026-7515-PoC\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Polosss\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-18 19:03:12\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nUnauthenticated Local File Inclusion\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-15T00:00:09.003414Z"}, {"uuid": "f9134a0a-784f-468f-999e-3f7f1ab5fdee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-7515", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/89600", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #RCE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE_2026_7515\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a izxci\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-19 08:11:24\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-7515: BetterDocs Pro &lt;= 3.8.0 - Unauthenticated Local File Inclusion TO RCE EXPLO\u0130T\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-15T00:00:09.140346Z"}]}