Path Traversal Vulnerability in Infility Global by Infility
CVE-2025-47650

6.5MEDIUM

Key Information:

Vendor: WordPress
Status: Infility Global
Vendor: CVE Published:; 20 August 2025

What is CVE-2025-47650?

A vulnerability exists in Infility Global that allows attackers to exploit improper limitations of a pathname to access restricted directories. This path traversal vulnerability permits unauthorized access to sensitive files within the system, enabling potential data breaches and security threats. Users running versions from n/a through 2.14.7 are particularly at risk and should take immediate action to mitigate these vulnerabilities.

Affected Version(s)

Infility Global <= 2.14.7

References

https://patchstack.com/database/wordpress/plugin/infility...

vdb-entry

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 20, 2025
Vulnerability Reserved
May 7, 2025

Credit

Martino Spagnuolo (r3verii) (Patchstack Alliance)