Platform
wordpress
Component
beeteam368-extensions-pro
Fixed in
2.3.5
CVE-2025-6379 is a high-severity directory traversal vulnerability in the BeeTeam368 Extensions Pro plugin for WordPress. It allows authenticated attackers with Subscriber-level access or higher to reach files outside the plugin's intended directory and manipulate them, a significant risk to any site running the plugin. All versions up to and including 2.3.4 (listed as 0.0.0 through 2.3.4) are affected; version 2.3.5 contains the fix.
The directory traversal flaw lets an authenticated attacker act on files outside the plugin's designated directory. The most severe consequence is the deletion of wp-config.php, the file that holds the database credentials and site configuration. Once that file is gone, WordPress no longer considers itself installed and serves its setup wizard to the next visitor, so the attacker can re-run the installation against a database they control and come out with an administrator account: a complete site takeover. The bar for abuse is low: Subscriber is the default role WordPress assigns to self-registered users, so any site with open registration or a large pool of low-privilege accounts is exposed. Note also that the file operation is carried out with the privileges of the web server's PHP process, not those of the Subscriber account, which is why WordPress role permissions alone do not contain it.
CVE-2025-6379 was publicly disclosed on 2025-06-28. There is no indication of active exploitation in the wild at this time, and the vulnerability is not listed in the CISA KEV catalog. Public proof-of-concept code is not yet widely available, but directory traversal flaws are simple to weaponise once the affected parameter is known, so exploits are likely to emerge.
WordPress sites running BeeTeam368 Extensions Pro are at risk, particularly those that allow self-registration or otherwise hold Subscriber-level (or higher) accounts that are not fully trusted. Shared hosting environments in which several WordPress installations run under the same system user or otherwise share server resources are at increased risk, since the compromise of one site can expose the others. Sites on older, unpatched versions of the plugin are especially vulnerable.
• wordpress / composer / npm:
grep -rn "handle_live_fn" /var/www/html/wp-content/plugins/beeteam368-extensions-pro/
This confirms that the affected function is present (the directory name is taken from the Component field above; adjust the path to your install). The function exists in patched builds as well, so on its own this does not distinguish a vulnerable from a fixed version.
• generic web:
A static probe such as fetching /wp-content/plugins/beeteam368-extensions-pro/../wp-config.php with curl proves nothing: the client collapses the dot-segments before the request is sent (curl needs --path-as-is to keep them), and the flaw is reached only through an authenticated request to the plugin, not through a file served directly by the web server. Do not rely on it as a check.
• wordpress / composer / npm:
wp plugin list --status=all --fields=name,version | grep 'beeteam368-extensions-pro'
wp plugin get beeteam368-extensions-pro --field=version
The installation is affected if the reported version is 2.3.4 or lower; 2.3.5 or later contains the fix.
Disclosure
Exploit status
EPSS
0.24% (47th percentile)
CISA SSVC
CVSS vector
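For a check that does not depend on WP-CLI, the following Python script (an added example, not part of the advisory and not the plugin's code) reads the standard WordPress plugin header of the main file in the plugin directory and compares its Version field against the 2.3.5 fix version. The directory slug is taken from the Component field above and the header layout is the standard WordPress one; both are assumptions about your install. When run without arguments it uses a constructed temporary plugin directory carrying Version: 2.3.4.

```python
"""Offline version check for CVE-2025-6379 (added example, not the plugin's code)."""
import os
import re
import sys
import tempfile

FIXED_VERSION = "2.3.5"                    # from the advisory
PLUGIN_SLUG = "beeteam368-extensions-pro"  # assumed directory name, per the Component field

# Matches the "Version:" line of a standard WordPress plugin header block.
_VERSION_RE = re.compile(r"^\s*\*?\s*Version:\s*(\S+)", re.MULTILINE | re.IGNORECASE)


def version_tuple(v):
    """'2.3.4' -> (2, 3, 4). Parsing stops at the first non-numeric part ('2.3.5-rc1' -> (2, 3, 5))."""
    parts = []
    for p in re.split(r"[.\-]", v):
        if not p.isdigit():
            break
        parts.append(int(p))
    return tuple(parts)


def is_vulnerable_version(v):
    """True for every version below the fix (the advisory lists 0.0.0 through 2.3.4)."""
    return version_tuple(v) < version_tuple(FIXED_VERSION)


def parse_plugin_version(header_text):
    """Return the Version header value from plugin file text, or None if absent."""
    m = _VERSION_RE.search(header_text)
    return m.group(1) if m else None


def find_plugin_version(plugins_dir, slug=PLUGIN_SLUG):
    """Scan the plugin's top-level PHP files for a Version header (WordPress itself reads only the first 8 KiB)."""
    plugin_dir = os.path.join(plugins_dir, slug)
    if not os.path.isdir(plugin_dir):
        return None
    for name in sorted(os.listdir(plugin_dir)):
        if not name.endswith(".php"):
            continue
        with open(os.path.join(plugin_dir, name), encoding="utf-8", errors="replace") as fh:
            version = parse_plugin_version(fh.read(8192))
        if version:
            return version
    return None


def verdict(version):
    """Human-readable result for a version string (None means not installed / no header)."""
    if version is None:
        return "plugin not found or no Version header"
    if is_vulnerable_version(version):
        return f"{version}: VULNERABLE, upgrade to {FIXED_VERSION} or later"
    return f"{version}: patched"


if __name__ == "__main__":
    if len(sys.argv) > 1:
        # Real run: python3 check_cve_2025_6379.py /var/www/html/wp-content/plugins
        print(verdict(find_plugin_version(sys.argv[1])))
    else:
        # Constructed demo: a temporary plugin directory carrying a vulnerable header.
        with tempfile.TemporaryDirectory() as tmp:
            demo_dir = os.path.join(tmp, PLUGIN_SLUG)
            os.makedirs(demo_dir)
            with open(os.path.join(demo_dir, "beeteam368-extensions-pro.php"), "w") as fh:
                fh.write("<?php\n/*\n * Plugin Name: BeeTeam368 Extensions Pro\n * Version: 2.3.4\n */\n")
            print(verdict(find_plugin_version(tmp)))
```

Point the script at your plugins directory (the path under wp-content/plugins) to check a live install; the version comparison is numeric, so 2.10.x correctly sorts above 2.3.5.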
The primary mitigation for CVE-2025-6379 is to upgrade the BeeTeam368 Extensions Pro plugin to version 2.3.5 or later immediately. If that is not feasible right away because of compatibility concerns, deactivate the plugin until it can be updated and shrink the pool of accounts that can reach the vulnerable code: disable open registration (Settings > General, "Anyone can register") and review existing Subscriber-level accounts. File-system hardening can help, but only if done correctly: the deletion is performed by the web server's PHP process, so WordPress role permissions cannot stop it, and because unlinking a file requires write access to its directory rather than to the file, a read-only wp-config.php inside a directory that the PHP process can write to is still deletable. Keep wp-config.php in a directory the PHP process cannot write to; WordPress natively supports placing it one level above the document root. A Web Application Firewall rule that blocks requests containing traversal sequences (e.g. ../) adds a layer of defence but is not a complete fix, since percent-encoded or double-encoded variants can slip past a literal match. After upgrading, verify that the installed version is 2.3.5 or later (wp plugin list, or the plugin's Version header); a browser or curl request for a traversal-style URL does not exercise the vulnerable code path and proves nothing either way.
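Why a literal ../ WAF rule is only a partial defence, and what a hardened file handler checks instead, is shown in the Python sketch below. It is an added example illustrating this bug class, not the plugin's code: the base directory and the sample inputs are constructed for illustration, and resolve_confined() is the kind of check a handler must apply before any path reaches unlink().

```python
"""Path confinement versus a literal '../' filter (added example, illustrative of the bug class)."""
import os
from urllib.parse import unquote

# Hypothetical base directory a handler is allowed to touch; not taken from the plugin.
DEMO_BASE = "/var/www/html/wp-content/uploads/beeteam368"


def naive_filter_blocks(user_path):
    """What a WAF rule or input filter matching only the literal sequence '../' would block."""
    return "../" in user_path


def resolve_confined(base_dir, user_path):
    """Return the canonical path to operate on, or None if it would leave base_dir.

    Hardened handling: percent-decode until stable (defeats %2e%2e%2f and double
    encoding), reject NUL bytes, join to the base, canonicalise with realpath so
    '..' segments and symlinks are collapsed, then require a prefix match on the
    canonical base. Only the result of this function should ever reach unlink().
    """
    decoded = user_path
    for _ in range(3):  # bounded: each pass strips one layer of encoding
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    if "\x00" in decoded:
        return None
    decoded = decoded.replace("\\", "/")  # treat backslash as a separator as well
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, decoded.lstrip("/")))
    if candidate == base or candidate.startswith(base + os.sep):
        return candidate
    return None


# Constructed sample inputs: benign names plus the traversal variants an attacker tries.
SAMPLE_INPUTS = [
    "cover.jpg",
    "gallery/../cover.jpg",
    "../../../wp-config.php",
    "%2e%2e/%2e%2e/%2e%2e/wp-config.php",
    "..%252f..%252f..%252fwp-config.php",
    "/etc/passwd",
    "..\\..\\..\\wp-config.php",
]


def classify(inputs=SAMPLE_INPUTS, base_dir=DEMO_BASE):
    """For each input: (blocked by the literal filter?, path the hardened check would allow or None)."""
    return {p: (naive_filter_blocks(p), resolve_confined(base_dir, p)) for p in inputs}


if __name__ == "__main__":
    for path, (naive, resolved) in classify().items():
        print(f"{path!r:42} literal-filter-blocks={naive!s:5} hardened-allows={resolved}")
```

Running it shows the two failure modes of the literal rule side by side: it flags the harmless gallery/../cover.jpg while letting the %2e%2e and double-encoded forms through, whereas the canonicalise-then-prefix-check rejects every input that resolves outside the base regardless of encoding.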
Update the BeeTeam368 Extensions Pro plugin to version 2.3.5 or later to mitigate the directory traversal vulnerability. The update corrects how the plugin handles file paths, preventing unauthorised access and the possible deletion of critical files such as wp-config.php.
CVE-2025-6379 is a high-severity directory traversal vulnerability affecting the BeeTeam368 Extensions Pro WordPress plugin, allowing authenticated attackers to act on files outside the intended directory and potentially take over the site.
You are affected if your WordPress site uses BeeTeam368 Extensions Pro versions 0.0.0 through 2.3.4. Check your plugin versions immediately.
Upgrade the BeeTeam368 Extensions Pro plugin to version 2.3.5 or later to remediate the vulnerability. Consider WAF rules as a temporary mitigation if upgrading is not immediately possible.
There are currently no publicly available exploits or reports of active exploitation campaigns, but the vulnerability is considered HIGH severity and may be targeted.
Refer to the BeeTeam368 Extensions Pro plugin documentation and website for the official advisory and release notes regarding version 2.3.5.