CVE-2025-25122
Published: 03 March 2025
Description
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
Security Summary
CVE-2025-25122 is a Path Traversal vulnerability involving the '.../...//' sequence in the hashshop WizShop wizshop component. This issue affects WizShop versions from n/a through 3.0.2 and has a CVSS v3.1 base score of 8.1 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H), mapped to CWE-35.
Unauthenticated attackers with network access can exploit this vulnerability, though it requires high attack complexity and no user interaction. Successful exploitation enables high-impact compromise of confidentiality, integrity, and availability, potentially allowing arbitrary file access or manipulation on the affected system.
The Patchstack advisory provides further details on this vulnerability at https://patchstack.com/database/Wordpress/Plugin/wizshop/vulnerability/wordpress-wp-spell-check-plugin-9-21-cross-site-request-forgery-csrf-vulnerability-4?_s_id=cve.
Details
- CWE(s)
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Path traversal in public-facing web component directly enables exploitation via T1190 Exploit Public-Facing Application; arbitrary file access/manipulation facilitates T1005 Data from Local System for reading sensitive files.