Path Traversal Vulnerability in WOLF Plugin by realmag777
CVE-2025-24605

7.2HIGH

Key Information:

Vendor: WordPress
Status: Wolf
Vendor: CVE Published:; 3 February 2025

Summary

A path traversal vulnerability in the WOLF plugin developed by realmax777 allows attackers to access files and directories outside the intended scope. This issue affects versions from n/a through 1.0.8.5, enabling unauthorized access to sensitive system files, potentially exposing confidential data or system configuration. Users are urged to apply necessary security measures to mitigate this risk.

Affected Version(s)

WOLF <= 1.0.8.5

References

https://patchstack.com/database/wordpress/plugin/bulk-edi...

vdb-entry

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 3, 2025
Vulnerability Reserved
Jan 23, 2025

Credit

Trương Hữu Phúc (truonghuuphuc) (Patchstack Alliance)