Local File Inclusion Vulnerability in Processby Responsive Sidebar Plugin
CVE-2025-60073

7.5HIGH

Key Information:

Vendor: WordPress
Status: Responsive Sidebar
Vendor: CVE Published:; 6 November 2025

What is CVE-2025-60073?

The Processby Responsive Sidebar plugin is susceptible to a Local File Inclusion vulnerability due to improper handling of filenames in PHP included files. This flaw allows attackers to exploit the system by leveraging the plugin's include/require statements to access sensitive files, potentially leading to unauthorized information disclosure or further attacks on the server. This vulnerability affects versions of the Responsive Sidebar plugin up to and including 1.2.2.

Affected Version(s)

Responsive Sidebar <= n/a

References

https://vdp.patchstack.com/database/Wordpress/Plugin/resp...

vdb-entry

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 6, 2025
Vulnerability Reserved
Sep 25, 2025

Credit

LVT-tholv2k | Patchstack Bug Bounty Program

JSON

WordPress

What is CVE-2025-60073?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit