Platform: wordpress
Component: database-toolset
Fixed in: 1.8.5
CVE-2025-3065 is an arbitrary file deletion vulnerability discovered in the Database Toolset WordPress plugin. It allows unauthenticated attackers to delete files on the server, which poses a significant risk of remote code execution. The vulnerability affects versions 1.0.0 through 1.8.4; a patch is available in version 1.8.5.
The impact of CVE-2025-3065 is severe. Successful exploitation allows an attacker to delete arbitrary files on the server hosting the WordPress site. A particularly dangerous scenario involves deleting the wp-config.php file, which contains sensitive database credentials and configuration settings. Deletion of this file effectively disables the WordPress site and provides the attacker with a pathway to gain control over the database and potentially the entire server. The lack of authentication required for exploitation significantly broadens the attack surface, making it accessible to a wide range of attackers.
CVE-2025-3065 was publicly disclosed on April 24, 2025. The vulnerability's ease of exploitation and potential for RCE suggest a medium probability of exploitation (EPSS score likely medium). Public proof-of-concept exploits are likely to emerge quickly, increasing the risk. Monitor security advisories and threat intelligence feeds for any indications of active exploitation campaigns targeting vulnerable WordPress sites.
WordPress sites utilizing the Database Toolset plugin, particularly those running older versions (1.0.0–1.8.4), are at significant risk. Shared hosting environments are especially vulnerable as they often have limited control over plugin updates and file permissions. Sites with misconfigured file permissions or those lacking robust security monitoring are also at increased risk.
• wordpress / composer / npm:
grep -r "wp_delete_file" /var/www/html/wp-content/plugins/database-toolset/
• generic web:
curl -I 'https://your-wordpress-site.com/wp-content/plugins/database-toolset/wp-delete-file.php?file=../../../../wp-config.php' # Check for 200 OK or other unexpected response
Disclosure
Exploit status
EPSS: 4.41% (89th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-3065 is to immediately upgrade the Database Toolset plugin to version 1.8.5 or later. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider implementing temporary workarounds. While a direct WAF rule to prevent file deletion is difficult, restricting file access permissions on the server can limit the damage. Carefully review file permissions to ensure that the WordPress user only has the necessary access. After upgrading, verify the fix by attempting to access a non-existent file via the vulnerable endpoint; it should return a 404 error instead of allowing deletion.
Update the Database Toolset plugin to version 1.8.5 or later to fix the arbitrary file deletion vulnerability. This update corrects the insufficient validation of file paths, which prevents unauthenticated attackers from deleting sensitive files on the server such as wp-config.php.
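The mitigation guidance above comes down to two checks an operator can script: is the installed plugin version inside the affected range (1.0.0 through 1.8.4, fixed in 1.8.5), and is wp-config.php writable by more users than it needs to be. The script below is an added example, not code from the advisory or from the Database Toolset project. It reads the standard WordPress `Version:` plugin header from the plugin's top-level PHP files; the plugin directory layout, the main-file name `database-toolset.php` and the constructed fixture in `demo` are assumptions, and the version comparison assumes purely numeric dotted versions.

```shell
#!/bin/sh
# Added example, not code from the advisory or from the Database Toolset project:
# triage a WordPress install against CVE-2025-3065 by reading the plugin's
# "Version:" header and by checking that wp-config.php is not world-writable.
# Plugin path and file names below are assumptions.

# version_lt A B: return 0 if dotted version A is strictly lower than B.
# Missing components count as 0, so "1.8" < "1.8.5". Assumes numeric components.
version_lt() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ax=${a%%.*}; bx=${b%%.*}
        if [ "$ax" = "$a" ]; then a=""; else a=${a#*.}; fi
        if [ "$bx" = "$b" ]; then b=""; else b=${b#*.}; fi
        ax=${ax:-0}; bx=${bx:-0}
        [ "$ax" -lt "$bx" ] && return 0
        [ "$ax" -gt "$bx" ] && return 1
    done
    return 1
}

# affected_status VERSION: "affected" for 1.0.0 <= VERSION < 1.8.5 (the fix),
# "patched" for 1.8.5 and later, "unknown" for versions below the advisory range.
affected_status() {
    if version_lt "$1" "1.0.0"; then
        echo "unknown"
    elif version_lt "$1" "1.8.5"; then
        echo "affected"
    else
        echo "patched"
    fi
}

# plugin_version DIR: print the value of the first "Version:" header line found
# in DIR's top-level PHP files (WordPress plugin header format: " * Version: x.y.z").
plugin_version() {
    grep -h -m1 -E '^[[:space:]]*\*?[[:space:]]*Version:' "$1"/*.php 2>/dev/null \
        | head -n 1 | sed -e 's/.*Version:[[:space:]]*//' -e 's/[[:space:]]*$//'
}

# check_plugin_dir DIR: print the triage verdict for the plugin installed in DIR.
check_plugin_dir() {
    v=$(plugin_version "$1")
    if [ -z "$v" ]; then echo "no-version-header"; return 1; fi
    affected_status "$v"
}

# world_writable FILE: return 0 if "others" have write permission
# (column 9 of the ls -l mode string is the other-write bit).
world_writable() {
    [ "$(ls -ld "$1" | cut -c9)" = "w" ]
}

# demo: build a constructed plugin directory carrying a 1.8.4 header plus a
# constructed wp-config.php, run both checks, and clean up.
demo() {
    tmp=$(mktemp -d)
    mkdir -p "$tmp/wp-content/plugins/database-toolset"
    printf '<?php\n/**\n * Plugin Name: Database Toolset\n * Version: 1.8.4\n */\n' \
        > "$tmp/wp-content/plugins/database-toolset/database-toolset.php"
    printf '<?php // constructed config for the demo\n' > "$tmp/wp-config.php"
    chmod 640 "$tmp/wp-config.php"
    echo "database-toolset: $(check_plugin_dir "$tmp/wp-content/plugins/database-toolset")"
    if world_writable "$tmp/wp-config.php"; then
        echo "wp-config.php: world-writable (tighten permissions)"
    else
        echo "wp-config.php: not world-writable"
    fi
    rm -rf "$tmp"
}

demo
```

Against a real install, point `check_plugin_dir` at `wp-content/plugins/database-toolset` and `world_writable` at the site's `wp-config.php`; a verdict of `affected` means the upgrade to 1.8.5 is still outstanding, and a world-writable config file should be tightened regardless of the plugin version.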
CVE-2025-3065 is a critical vulnerability in the Database Toolset WordPress plugin allowing unauthenticated attackers to delete arbitrary files, potentially leading to remote code execution.
You are affected if you are using Database Toolset versions 1.0.0 through 1.8.4. Immediately check your plugin version and upgrade if necessary.
Upgrade the Database Toolset plugin to version 1.8.5 or later. If upgrading is not possible, implement temporary workarounds like restricting file permissions.
While active exploitation is not yet confirmed, the vulnerability's severity and ease of exploitation suggest a high probability of exploitation. Monitor security advisories.
Refer to the official Database Toolset plugin website and WordPress.org plugin repository for the latest security advisory and update information.