CVE-2025-53565

RadiusTheme · RadiusTheme Widget for Google Reviews

A high-severity vulnerability has been identified in the "RadiusTheme Widget for Google Reviews," a third-party plugin.

Executive summary

A high-severity vulnerability has been identified in the "RadiusTheme Widget for Google Reviews," a third-party plugin. This flaw, classified as a Local File Inclusion, could allow an unauthenticated attacker to read sensitive files from the web server, potentially exposing confidential data such as configuration details, user credentials, or system files. Organizations using this widget should prioritize the immediate application of security updates to mitigate the risk of a data breach.

Vulnerability

The vulnerability is a Local File Inclusion (LFI) within the "RadiusTheme Widget for Google Reviews" plugin. The application fails to properly sanitize user-supplied input that is used to construct a filename for a PHP include or require statement. An attacker can exploit this by crafting a request containing path traversal sequences (e.g., ../, including URL-encoded forms) to navigate the server's file system and include arbitrary local files. Successful exploitation allows the attacker to read the contents of any file the web server's user account can access, such as wp-config.php or /etc/passwd, leading to significant information disclosure. Because the file is passed to include or require rather than simply read, any PHP code in the included file is also executed, so the impact of an include-based LFI is not strictly limited to disclosure wherever an attacker can influence the contents of a file on the server.

Business impact

This vulnerability is rated as High severity with a CVSS score of 8.1. Exploitation could lead to a significant data breach by exposing sensitive information, including database credentials, API keys, application source code, and server configuration details. This stolen information could be leveraged by attackers to conduct further, more damaging attacks against the organization's infrastructure. The potential consequences include financial loss, reputational damage, regulatory fines, and the complete compromise of the affected web application.

Remediation

Immediate Action: Apply the security updates provided by the vendor (RadiusTheme) for the "Widget for Google Reviews" plugin immediately. After patching, review web server and application access logs for signs of past exploitation attempts, such as requests to the plugin's endpoints containing path traversal sequences or references to sensitive files, including URL-encoded variants that a naive search for "../" will miss.

Proactive Monitoring: Configure monitoring and alerting to detect potential exploitation attempts. Specifically, monitor web server access logs for GET or POST requests to plugin-related endpoints that contain path traversal sequences (../ or ..\, and their URL-encoded forms such as %2e%2e%2f or the double-encoded %252e%252e%252f) or absolute file paths (e.g., /etc/passwd, C:\boot.ini). Note that standard access logs record the request line and query string but not POST bodies, so parameters sent in a POST body are only visible in WAF or application-level logs. Implement or tune Web Application Firewall (WAF) rules to specifically block and alert on LFI attack patterns.
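The log review described above can be scripted. The following is an added example written for this advisory, not code from RadiusTheme or the plugin: it parses access-log lines in the common "combined" format, URL-decodes each query parameter repeatedly so that double-encoded traversal is not missed, normalises backslashes to forward slashes, and flags traversal sequences, absolute paths, null bytes and well-known sensitive filenames. The plugin directory name (example-google-reviews), the parameter name (template) and the log lines themselves are constructed for illustration; the real plugin's endpoint and parameter names are not stated in this advisory, so adjust ENDPOINT_HINT and the sample to match your deployment.

```python
"""Scan web-server access logs for LFI / path-traversal probes.

Added example for this advisory; it is not code from RadiusTheme or the
plugin. The endpoint name, parameter name and log lines are constructed.
"""
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Assumed: requests under this prefix touch WordPress plugins. Adjust as needed.
ENDPOINT_HINT = "/wp-content/plugins/"

# Apache/nginx "combined" access-log line: ip ident user [ts] "METHOD target proto" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) \S+" (?P<status>\d{3}) (?P<size>\S+)'
)

# After normalising "\" to "/": a ".." path component anywhere in the value.
TRAVERSAL_RE = re.compile(r'(^|/)\.\.(/|$)')
# A value that is itself an absolute Unix or Windows path (only meaningful for parameters).
ABSOLUTE_RE = re.compile(r'^(?:/|[a-z]:/)', re.IGNORECASE)
# Filenames that legitimate plugin requests should never reference.
SENSITIVE = ("/etc/passwd", "wp-config.php", "boot.ini", "win.ini")


def deep_decode(value: str, rounds: int = 3) -> str:
    """URL-decode repeatedly so %252e%252e%252f (double-encoded ../) is caught."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def analyse_target(target: str) -> list[str]:
    """Return human-readable reasons why a request target looks like an LFI probe."""
    parts = urlsplit(target)
    # Inspect the path itself and every query parameter (parse_qsl decodes once already).
    candidates = [("path", parts.path, False)]
    candidates += [(k, v, True) for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    reasons = []
    for name, raw, is_param in candidates:
        value = deep_decode(raw).replace("\\", "/")  # treat ..\ like ../
        if "\x00" in value:
            reasons.append(f"null byte in {name}")
        if TRAVERSAL_RE.search(value):
            reasons.append(f"traversal in {name}: {value}")
        elif is_param and ABSOLUTE_RE.match(value):
            reasons.append(f"absolute path in {name}: {value}")
        if any(s in value.lower() for s in SENSITIVE):
            reasons.append(f"sensitive filename in {name}")
    return reasons


def scan_log(text: str) -> list[dict]:
    """Parse each log line and collect the requests that carry LFI indicators."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        reasons = analyse_target(m["target"])
        if reasons:
            findings.append({
                "ip": m["ip"],
                "method": m["method"],
                "target": m["target"],
                "status": int(m["status"]),
                "plugin_endpoint": ENDPOINT_HINT in m["target"],
                "reasons": reasons,
            })
    return findings


# Constructed sample log. Plain, single-encoded and double-encoded traversal,
# a benign plugin request, an unrelated request, and a POST whose body is not logged.
LOG_SAMPLE = """\
203.0.113.7 - - [10/Jul/2025:13:02:11 +0000] "GET /wp-content/plugins/example-google-reviews/view.php?template=../../../../wp-config.php HTTP/1.1" 200 3412
203.0.113.7 - - [10/Jul/2025:13:02:15 +0000] "GET /wp-content/plugins/example-google-reviews/view.php?template=..%2F..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1" 200 1811
198.51.100.23 - - [10/Jul/2025:13:03:40 +0000] "GET /wp-content/plugins/example-google-reviews/view.php?template=%252e%252e%252f%252e%252e%252fetc%252fpasswd HTTP/1.1" 200 1811
192.0.2.44 - - [10/Jul/2025:13:05:02 +0000] "GET /wp-content/plugins/example-google-reviews/view.php?template=default HTTP/1.1" 200 9021
192.0.2.45 - - [10/Jul/2025:13:05:09 +0000] "GET /?s=reviews HTTP/1.1" 200 15300
203.0.113.7 - - [10/Jul/2025:13:06:00 +0000] "POST /wp-content/plugins/example-google-reviews/view.php HTTP/1.1" 200 80
"""

if __name__ == "__main__":
    for f in scan_log(LOG_SAMPLE):
        flag = "PLUGIN" if f["plugin_endpoint"] else "other"
        print(f'{f["ip"]} {f["method"]} {f["status"]} [{flag}] {"; ".join(f["reasons"])}')
```

Run against a real log with `scan_log(open("access.log").read())`. A 200 response to a flagged request is the line to escalate: it suggests the include succeeded and the file contents were returned. The final POST in the sample is not flagged, which illustrates the access-log blind spot mentioned above: a traversal payload in a POST body never appears in this log and must be hunted in WAF or application logs instead.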

Compensating Controls: If immediate patching is not feasible, disable the "RadiusTheme Widget for Google Reviews" plugin until it can be updated. A WAF with a robust ruleset that detects and blocks LFI attack patterns can serve as a critical compensating control, bearing in mind that WAF rules are a filter, not a fix, and encoded or otherwise obfuscated traversal may slip past weak rules. Additionally, ensure the web server and PHP process run with the lowest possible privileges, that files outside the web root (and wp-config.php in particular) are readable only where strictly necessary, and consider PHP's open_basedir directive to confine file access to the directories the application actually needs.

Exploitation status

Public Exploit Available: false

Analyst recommendation

Given the high CVSS score of 8.1 and the potential for sensitive data exposure, it is strongly recommended that organizations immediately identify all instances of the "RadiusTheme Widget for Google Reviews" plugin and apply the vendor-supplied patch without delay. Although this vulnerability is not currently listed on the CISA KEV catalog and no public exploit is known at the time of writing, its unauthenticated reach and the simplicity of path traversal attacks make it a high-priority target for remediation. Proactive monitoring and the compensating controls above should be implemented as part of a defense-in-depth strategy.