Platform
wordpress
Component
advanced-access-manager
Fixed in
5.9.9
CVE-2019-25213 is an unauthenticated Arbitrary File Read vulnerability in the Advanced Access Manager plugin for WordPress. It lets an attacker read any file the web server process can read, which on a typical installation includes wp-config.php and therefore the database credentials. It affects plugin versions up to and including 5.9.8.1; the fix shipped in version 5.9.9.
The primary impact is unauthorized disclosure of files on the web server. The plugin serves files named by the aam-media request parameter without adequately validating the supplied path, so an attacker can send a single crafted request whose aam-media value points at a file outside the intended media directory. Successful exploitation returns the contents of any file readable by the web server process, including wp-config.php, which holds database credentials, authentication salts, API keys and other configuration data. With those credentials an attacker can go on to full site takeover, data theft or further intrusion. The vulnerability requires no authentication and no user interaction, so it is trivially exploitable by anyone who can reach the site.
CVE-2019-25213 was publicly disclosed on 2019-12-16. While no active exploitation campaigns have been definitively linked to this specific CVE, the ease of exploitation and the potential for significant impact make it a persistent risk. The vulnerability is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are readily available, increasing the likelihood of opportunistic attacks.
Exploit Status
EPSS
46.13% (98th percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2019-25213 is to upgrade the Advanced Access Manager plugin to version 5.9.9 or later without delay. If the upgrade cannot be applied immediately because of compatibility concerns, put a temporary request-level block in front of the site with a web application firewall (WAF) or reverse proxy: reject any request whose aam-media value contains directory traversal sequences (including URL-encoded and double-encoded forms), an absolute path, or a path that does not resolve to a file under the uploads directory. Tightening file-system permissions limits what else an attacker can read, but it cannot protect wp-config.php, which the PHP process must be able to read, so only the upgrade or the request-level block closes that exposure. After upgrading, confirm the fix by sending a request with an aam-media value that points outside the uploads directory; the server should no longer return the contents of the named file.
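The check a WAF or proxy should apply to the aam-media parameter, and a scan that applies the same check to web-server access-log lines to find past exploitation attempts, as an added example. This is illustrative code written for this page, not code from the Advanced Access Manager plugin or from its fix. Two assumptions are not from the advisory: legitimate aam-media values are paths relative to the WordPress root that stay inside wp-content/uploads/, and the log is in the combined format used by Apache and nginx. The log lines are constructed, and the request shapes in them follow this page's description (a parameter that names the file to read) rather than a verified proof of concept.

```python
import posixpath
import re
from typing import List, Optional
from urllib.parse import parse_qs, unquote, urlsplit

# Assumption (not from the advisory): legitimate aam-media values are paths,
# relative to the WordPress root, that stay inside the uploads directory.
ALLOWED_PREFIX = "wp-content/uploads/"

# Apache/nginx combined log format: client, ident, user, [time], "request", status, size, ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)


def fully_decode(value: str) -> str:
    """Percent-decode until stable (bounded) so double-encoded traversal is not missed."""
    decoded = value
    for _ in range(3):
        again = unquote(decoded)
        if again == decoded:
            break
        decoded = again
    return decoded


def aam_media_problem(value: str) -> Optional[str]:
    """Return None if value is an acceptable media path, otherwise the reason to block it."""
    decoded = fully_decode(value)
    if "\x00" in decoded:
        return "null byte"
    # Unify separators, then collapse "." and ".." segments the way a filesystem would.
    path = posixpath.normpath(decoded.replace("\\", "/"))
    if path.startswith("/"):
        return "absolute path"
    if path == ".." or path.startswith("../"):
        return "traversal above web root"
    if not path.startswith(ALLOWED_PREFIX):
        return f"outside {ALLOWED_PREFIX}"
    return None


def scan_access_log(lines: List[str]) -> List[dict]:
    """Flag every request whose aam-media value would fail the check above."""
    hits = []
    for line in lines:
        match = LOG_RE.match(line)
        if not match:
            continue
        query = urlsplit(match.group("target")).query
        # parse_qs performs one level of percent-decoding; aam_media_problem does the rest.
        for value in parse_qs(query, keep_blank_values=True).get("aam-media", []):
            reason = aam_media_problem(value)
            if reason:
                hits.append({
                    "ip": match.group("ip"),
                    "time": match.group("time"),
                    "status": int(match.group("status")),
                    "value": value,
                    "reason": reason,
                })
    return hits


# Constructed sample log lines (not real traffic): two plain attempts, one legitimate
# media request, one URL-encoded traversal attempt and one unrelated request.
SAMPLE_LOG = [
    '203.0.113.7 - - [16/Dec/2019:10:22:01 +0000] "GET /?aam-media=wp-config.php HTTP/1.1" 200 3415 "-" "python-requests/2.22.0"',
    '203.0.113.7 - - [16/Dec/2019:10:22:03 +0000] "GET /?aam-media=wp-content/uploads/../../wp-config.php HTTP/1.1" 200 3415 "-" "curl/7.64.0"',
    '198.51.100.2 - - [16/Dec/2019:10:23:10 +0000] "GET /?aam-media=wp-content/uploads/2019/12/report.pdf HTTP/1.1" 200 88211 "-" "Mozilla/5.0"',
    '192.0.2.9 - - [16/Dec/2019:10:24:44 +0000] "GET /?aam-media=%2e%2e%2f%2e%2e%2fetc%2fpasswd HTTP/1.1" 200 1832 "-" "curl/7.64.0"',
    '198.51.100.5 - - [16/Dec/2019:10:25:00 +0000] "GET /wp-login.php HTTP/1.1" 200 4520 "-" "Mozilla/5.0"',
]


if __name__ == "__main__":
    for hit in scan_access_log(SAMPLE_LOG):
        print(f'{hit["time"]} {hit["ip"]} status={hit["status"]} aam-media={hit["value"]!r}: {hit["reason"]}')
```

A 200 response on a flagged request is the signal to treat the file as exposed: rotate the database password, salts and any API keys in wp-config.php rather than only upgrading. The check is deliberately stricter than "does not contain ../" because normalisation after decoding is what catches encoded and mixed-separator variants.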
Update the Advanced Access Manager plugin to version 5.9.9 or higher. This version contains the security fix that prevents arbitrary file reading. The update can be performed directly from the WordPress admin panel.
CVE-2019-25213 is an unauthenticated arbitrary file read vulnerability in the Advanced Access Manager WordPress plugin: an attacker can read any file readable by the web server process, including sensitive configuration files such as wp-config.php.
You are affected if you are running Advanced Access Manager version 5.9.8.1 or earlier (any version before 5.9.9). Check the installed version on the Plugins screen of the WordPress admin panel or with WP-CLI and upgrade if necessary.
Upgrade the Advanced Access Manager plugin to version 5.9.9 or later. As a temporary workaround, use a WAF or reverse proxy to block requests whose aam-media value contains traversal sequences, an absolute path, or a path outside the uploads directory.
While no confirmed active campaigns are publicly known, the ease of exploitation and availability of PoCs suggest a risk of opportunistic attacks.
Refer to the Advanced Access Manager plugin documentation and website for the latest security advisories and updates: https://advancedaccessmanager.com/