README.md
Rendering markdown...
name: cve-2026-1581
services:
# VULN STACK (wpForo 2.4.14)
db_vuln:
image: mariadb:10.11.6
environment:
MARIADB_DATABASE: wpvuln
MARIADB_USER: wp
MARIADB_PASSWORD: wp
MARIADB_ROOT_PASSWORD: root
healthcheck:
test: ["CMD", "mariadb-admin", "ping", "-h", "127.0.0.1", "-uroot", "-proot"]
interval: 3s
timeout: 3s
retries: 30
volumes:
- db_vuln:/var/lib/mysql
networks: [lab]
seed_vuln:
image: wordpress:cli-2.12.0-php8.2
user: "0:0"
depends_on:
db_vuln:
condition: service_healthy
environment:
DB_HOST: db_vuln:3306
DB_NAME: wpvuln
DB_USER: wp
DB_PASS: wp
SITE_URL: http://localhost:8081
SITE_TITLE: wpforo-vuln
ADMIN_USER: admin
ADMIN_PASS: adminpass
ADMIN_EMAIL: [email protected]
WP_CORE_VERSION: "6.4.3"
WP_LOCALE: "en_US"
PLUGIN_SLUG: wpforo
PLUGIN_VERSION: "2.4.14"
FORUM_SLUG: community
PHP_MEMORY_LIMIT: 512M
volumes:
- wp_vuln:/var/www/html
- ./scripts/seed-wp.sh:/seed-wp.sh:ro
entrypoint: ["/bin/sh", "/seed-wp.sh"]
networks: [lab]
restart: "no"
wp_vuln:
image: wordpress:6.4.3-php8.2-apache
depends_on:
db_vuln:
condition: service_healthy
seed_vuln:
condition: service_completed_successfully
ports:
- "127.0.0.1:8081:80"
environment:
WORDPRESS_DB_HOST: db_vuln:3306
WORDPRESS_DB_USER: wp
WORDPRESS_DB_PASSWORD: wp
WORDPRESS_DB_NAME: wpvuln
volumes:
- wp_vuln:/var/www/html
networks: [lab]
command: >
bash -lc "a2enmod rewrite >/dev/null &&
sed -i 's/AllowOverride None/AllowOverride All/g' /etc/apache2/apache2.conf &&
apache2-foreground"
# PATCHED STACK (wpForo 2.4.15)
db_patched:
image: mariadb:10.11.6
environment:
MARIADB_DATABASE: wppatched
MARIADB_USER: wp
MARIADB_PASSWORD: wp
MARIADB_ROOT_PASSWORD: root
healthcheck:
test: ["CMD", "mariadb-admin", "ping", "-h", "127.0.0.1", "-uroot", "-proot"]
interval: 3s
timeout: 3s
retries: 30
volumes:
- db_patched:/var/lib/mysql
networks: [lab]
seed_patched:
image: wordpress:cli-2.12.0-php8.2
user: "0:0"
depends_on:
db_patched:
condition: service_healthy
environment:
DB_HOST: db_patched:3306
DB_NAME: wppatched
DB_USER: wp
DB_PASS: wp
SITE_URL: http://localhost:8082
SITE_TITLE: wpforo-patched
ADMIN_USER: admin
ADMIN_PASS: adminpass
ADMIN_EMAIL: [email protected]
WP_CORE_VERSION: "6.4.3"
WP_LOCALE: "en_US"
PLUGIN_SLUG: wpforo
PLUGIN_VERSION: "2.4.15"
FORUM_SLUG: community
PHP_MEMORY_LIMIT: 512M
volumes:
- wp_patched:/var/www/html
- ./scripts/seed-wp.sh:/seed-wp.sh:ro
entrypoint: ["/bin/sh", "/seed-wp.sh"]
networks: [lab]
restart: "no"
wp_patched:
image: wordpress:6.4.3-php8.2-apache
depends_on:
db_patched:
condition: service_healthy
seed_patched:
condition: service_completed_successfully
ports:
- "127.0.0.1:8082:80"
environment:
WORDPRESS_DB_HOST: db_patched:3306
WORDPRESS_DB_USER: wp
WORDPRESS_DB_PASSWORD: wp
WORDPRESS_DB_NAME: wppatched
volumes:
- wp_patched:/var/www/html
networks: [lab]
command: >
bash -lc "a2enmod rewrite >/dev/null &&
sed -i 's/AllowOverride None/AllowOverride All/g' /etc/apache2/apache2.conf &&
apache2-foreground"
networks:
lab:
volumes:
db_vuln:
wp_vuln:
db_patched:
wp_patched: