Platform: wordpress
Component: wp-editor
Fixed in: 1.2.10
CVE-2025-3294 is a Directory Traversal vulnerability affecting the WP Editor plugin for WordPress. This vulnerability allows authenticated attackers with Administrator-level access to overwrite arbitrary files on the server, potentially leading to remote code execution. The vulnerability impacts versions 0.0.0 through 1.2.9.1. A patch is expected from the plugin developer.
The primary impact of CVE-2025-3294 is the potential for arbitrary file overwrites. An attacker, possessing administrator privileges, can leverage this vulnerability to modify critical system files or configuration files. Successful exploitation could lead to remote code execution (RCE) if the web server process has write access to the overwritten files. This could allow an attacker to gain full control of the WordPress instance and potentially the underlying server. The blast radius extends beyond the WordPress site itself, potentially impacting any services running on the same server.
CVE-2025-3294 was publicly disclosed on 2025-04-17. Public proof-of-concept (POC) code is likely to emerge, increasing the risk of exploitation. The vulnerability's ease of exploitation, combined with the widespread use of WordPress, makes it a potential target for automated attacks. It is not currently listed on CISA KEV, but its severity warrants monitoring.
WordPress websites utilizing the WP Editor plugin, particularly those with administrator accounts that have unrestricted file upload permissions, are at significant risk. Shared hosting environments where users have administrator access to WordPress installations are also particularly vulnerable.
• wordpress / composer / npm:
  grep -r "wp-content/plugins/wp-editor/includes/file-handler.php" /var/www/html/
• wordpress / composer / npm:
  wp plugin list --status=inactive | grep wp-editor
• wordpress / composer / npm:
  wp plugin list | grep wp-editor
disclosure
Exploit status
EPSS: 2.33% (85th percentile)
CISA SSVC
CVSS vector
The immediate mitigation for CVE-2025-3294 is to upgrade to a patched version of the WP Editor plugin as soon as it becomes available. If upgrading is not immediately feasible, restrict file access permissions on the server to prevent attackers from overwriting sensitive files. Implement a Web Application Firewall (WAF) with rules to block attempts to access or modify files outside of the designated plugin directory. Consider using a security plugin that provides file integrity monitoring to detect unauthorized changes.
Update the WP Editor plugin to the latest available version to fix the directory traversal vulnerability. This update corrects the missing validation of the file path, preventing authenticated attackers from overwriting arbitrary files on the server.
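As an added example that is not the WP Editor plugin's code nor taken from this advisory, the following shows the kind of path-containment check a file handler needs so that a user-supplied file name cannot escape the plugin's directory; the function name and the demo directory are hypothetical.

```php
<?php
// Added example, not the plugin's own code. Returns the absolute target path
// only if it stays inside $baseDir; returns null for traversal, absolute
// paths, NUL bytes and symlink escapes. Function name is hypothetical.
function wpe_safe_target_path(string $baseDir, string $relative): ?string
{
    // Reject empty names, NUL bytes, and absolute POSIX or Windows-drive paths.
    if ($relative === '' || strpos($relative, "\0") !== false ||
        $relative[0] === '/' || preg_match('#^[A-Za-z]:[\\\\/]#', $relative)) {
        return null;
    }
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    // The target file may not exist yet, so canonicalise its parent directory
    // (which must exist) and re-append the final path segment.
    $parent = realpath($base . DIRECTORY_SEPARATOR . dirname($relative));
    $name   = basename($relative);
    if ($parent === false || $name === '.' || $name === '..') {
        return null;
    }
    $target = $parent . DIRECTORY_SEPARATOR . $name;
    // Compare with a trailing separator so a sibling directory whose name
    // merely starts with the base name (e.g. "wp-editor2") is not accepted.
    if (strpos($target . DIRECTORY_SEPARATOR, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $target;
}

// Constructed demonstration: a throwaway base directory with one subfolder.
$base = sys_get_temp_dir() . '/wpe-demo';
@mkdir($base . '/themes', 0700, true);
$inputs = ['themes/style.css', '../../etc/passwd', '/etc/passwd', 'themes/../../x'];
foreach ($inputs as $p) {
    $r = wpe_safe_target_path($base, $p);
    printf("%-20s => %s\n", $p, $r === null ? 'REJECTED' : $r);
}
```

Only the first input resolves to a path under the base directory; the other three are rejected before any write is attempted.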
CVE-2025-3294 is a Directory Traversal vulnerability in the WP Editor WordPress plugin, allowing authenticated attackers to overwrite files.
If you are using the WP Editor plugin in WordPress versions 0.0.0–1.2.9.1, you are potentially affected by this vulnerability.
Upgrade the WP Editor plugin to the latest available version as soon as a patch is released by the plugin developer. Until then, restrict file upload permissions.
There is no confirmed active exploitation of CVE-2025-3294 at this time, but the vulnerability's nature makes it a potential target.
Refer to the plugin developer's website or the WordPress plugin repository for official advisories and updates regarding CVE-2025-3294.