Platform: wordpress
Component: wpcf7-redirect
Fixed in: 3.2.5
CVE-2025-8141 describes an arbitrary file access vulnerability affecting the Redirection for Contact Form 7 plugin for WordPress. This flaw allows unauthenticated attackers to delete files on the server, potentially leading to remote code execution. The vulnerability impacts versions 0.0.0 through 3.2.4 of the plugin, and a fix is available in version 3.2.5.
The core impact of CVE-2025-8141 lies in the ability for an attacker to delete arbitrary files on a WordPress server. The vulnerability stems from insufficient file path validation within the deleteassociatedfiles function. This means an attacker can craft a request to delete any file the webserver user has write access to. The most critical scenario involves deleting wp-config.php, which contains sensitive database credentials and configuration settings. Loss of this file would effectively grant the attacker complete control over the WordPress installation, enabling them to execute arbitrary code, steal data, and compromise the entire system. The ease of exploitation, requiring no authentication, significantly increases the risk.
CVE-2025-8141 was publicly disclosed on 2025-08-20. While no active exploitation campaigns have been confirmed as of this writing, the ease of exploitation and the potential for RCE make it a high-priority vulnerability. The vulnerability is not currently listed on the CISA KEV catalog. Public proof-of-concept code is likely to emerge given the vulnerability's nature and the public disclosure.
WordPress websites utilizing the Redirection for Contact Form 7 plugin, particularly those running versions 0.0.0 through 3.2.4, are at risk. Shared hosting environments where users have limited control over server file permissions are especially vulnerable, as an attacker could potentially exploit this vulnerability to impact other websites hosted on the same server.
Detection and remediation commands (wordpress / composer / npm):
• wp plugin list --status=active | grep Redirection
• wp plugin update --all
• wp plugin status | grep Redirection
• find /var/www/html/wp-content/plugins/redirection-for-contact-form7/ -name 'delete_associated_files.php'
Disclosure
Exploit status
EPSS: 0.35% (57th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-8141 is to immediately upgrade the Redirection for Contact Form 7 plugin to version 3.2.5 or later. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider implementing temporary workarounds. Restrict file write permissions for the webserver user to the absolute minimum required. Implement a Web Application Firewall (WAF) rule to block requests containing suspicious file paths or deletion attempts targeting sensitive files. Monitor WordPress logs for unusual file deletion activity. While a direct detection signature is difficult, monitoring for modifications to wp-config.php is crucial.
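The two checks the mitigation paragraph asks for, as an added example that is not part of the advisory or of the plugin's own code: a version comparison against the first fixed release (3.2.5, from the advisory) for use in an inventory script, and a baseline-digest check that reports whether wp-config.php is unchanged, modified or missing. The plugin header text, the wp-config.php contents and the temporary directory used in the demo are constructed here; the baseline digest would in practice be recorded right after a known-good deployment and stored outside the web root.

```python
"""Defensive checks for CVE-2025-8141 (Redirection for Contact Form 7).

Added example, not the plugin's or the advisory's own code. Two checks:
(1) is an installed plugin version inside the affected range 0.0.0 through
3.2.4, and (2) has wp-config.php changed or disappeared relative to a
baseline SHA-256 digest.
"""
import hashlib
import re
import tempfile
from pathlib import Path

FIXED_VERSION = (3, 2, 5)  # first fixed release, per the advisory

# Constructed sample of a WordPress plugin header (not the real file).
SAMPLE_PLUGIN_HEADER = """<?php
/**
 * Plugin Name: Redirection for Contact Form 7
 * Version: 3.2.4
 */
"""

PLUGIN_VERSION_RE = re.compile(r"^\s*\*?\s*Version:\s*(\S+)",
                               re.IGNORECASE | re.MULTILINE)


def parse_version(version: str) -> tuple:
    """Turn '3.2.4' (also '3.2' or '3.2.4-beta') into a comparable tuple.
    Non-numeric suffixes are dropped; missing components count as 0."""
    parts = []
    for piece in version.strip().split("."):
        m = re.match(r"\d+", piece)
        if not m:
            break
        parts.append(int(m.group()))
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3])


def is_affected(version: str) -> bool:
    """True when the installed version is older than the first fixed release."""
    return parse_version(version) < FIXED_VERSION


def plugin_version_from_header(main_file_text: str):
    """Extract the 'Version:' field from a plugin's header comment, or None."""
    m = PLUGIN_VERSION_RE.search(main_file_text)
    return m.group(1) if m else None


def sha256_of(path: Path) -> str:
    """Stream a file through SHA-256 and return the hex digest."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def wp_config_status(path: Path, baseline_digest: str) -> str:
    """Report 'missing', 'modified' or 'unchanged' for wp-config.php.
    'missing' is the state the advisory warns about (file deleted)."""
    if not path.exists():
        return "missing"
    return "unchanged" if sha256_of(path) == baseline_digest else "modified"


def demo() -> tuple:
    """Walk a constructed wp-config.php through unchanged -> modified -> missing."""
    with tempfile.TemporaryDirectory() as tmp:
        cfg = Path(tmp) / "wp-config.php"
        cfg.write_text("<?php define('DB_NAME', 'example');\n")  # constructed
        baseline = sha256_of(cfg)  # record this right after deployment
        first = wp_config_status(cfg, baseline)
        cfg.write_text("<?php define('DB_NAME', 'tampered');\n")
        second = wp_config_status(cfg, baseline)
        cfg.unlink()
        third = wp_config_status(cfg, baseline)
    return first, second, third


if __name__ == "__main__":
    v = plugin_version_from_header(SAMPLE_PLUGIN_HEADER)
    print(f"plugin version {v}: affected={is_affected(v)}")
    print("wp-config.php states:", demo())
```

Run the digest check from cron or a file-integrity agent rather than from inside WordPress, since a deleted wp-config.php takes the site itself down; a "missing" or "modified" result should page someone, not just log.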
Update the Redirection for Contact Form 7 plugin to version 3.2.5 or later to fix the arbitrary file deletion vulnerability. This update corrects the missing validation of file paths, preventing unauthenticated attackers from deleting sensitive files on the server.
CVE-2025-8141 is a HIGH severity vulnerability in the Redirection for Contact Form 7 WordPress plugin allowing unauthenticated attackers to delete files, potentially leading to remote code execution.
You are affected if your WordPress site uses Redirection for Contact Form 7 version 0.0.0 through 3.2.4. Upgrade immediately.
Upgrade the Redirection for Contact Form 7 plugin to version 3.2.5 or later. If immediate upgrade is not possible, implement temporary workarounds like WAF rules or restricted file permissions.
While no public exploits are currently known, the ease of exploitation suggests a potential for active exploitation. Monitor security advisories.
Refer to the official Redirection for Contact Form 7 plugin website and WordPress security announcements for the latest advisory and updates.