Platform
wordpress
Component
database-toolset
Fixed in
1.8.5
CVE-2025-3065 is an arbitrary file access vulnerability discovered in the Database Toolset WordPress plugin. This vulnerability allows unauthenticated attackers to delete files on the server, posing a significant risk of remote code execution. The vulnerability affects versions 1.0.0 through 1.8.4, and a patch is available in version 1.8.5.
The impact of CVE-2025-3065 is severe. Successful exploitation allows an attacker to delete arbitrary files on the server hosting the WordPress site. A particularly dangerous scenario involves deleting the wp-config.php file, which contains sensitive database credentials and configuration settings. Deletion of this file effectively disables the WordPress site and provides the attacker with a pathway to gain control over the database and potentially the entire server. The lack of authentication required for exploitation significantly broadens the attack surface, making it accessible to a wide range of attackers.
CVE-2025-3065 was publicly disclosed on April 24, 2025. The vulnerability's ease of exploitation and potential for RCE suggest a medium probability of exploitation (EPSS score likely medium). Public proof-of-concept exploits are likely to emerge quickly, increasing the risk. Monitor security advisories and threat intelligence feeds for any indications of active exploitation campaigns targeting vulnerable WordPress sites.
WordPress sites utilizing the Database Toolset plugin, particularly those running older versions (1.0.0–1.8.4), are at significant risk. Shared hosting environments are especially vulnerable as they often have limited control over plugin updates and file permissions. Sites with misconfigured file permissions or those lacking robust security monitoring are also at increased risk.
• wordpress / composer / npm:
grep -r "wp_delete_file" /var/www/html/wp-content/plugins/database-toolset/

• generic web:
curl -I 'https://your-wordpress-site.com/wp-content/plugins/database-toolset/wp-delete-file.php?file=../../../../wp-config.php' # Check for 200 OK or another unexpected response
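Beyond the one-off probe above, a defender will want to look back through web-server access logs for requests that already hit the plugin path with a traversal payload. The scanner below is an added example, not code from the advisory or the plugin; it assumes Apache/nginx "combined" log format and uses the plugin path and endpoint name quoted in this advisory. The log lines at the bottom are constructed for the example, not real traffic.

```python
import re
from urllib.parse import unquote

# Plugin path from the advisory; log format assumed to be "combined".
PLUGIN_PATH = "/wp-content/plugins/database-toolset/"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<url>\S+) [^"]*" (?P<status>\d{3})'
)

def normalize_url(url: str) -> str:
    """Percent-decode twice (catches double-encoded ..%252F) and fold
    backslashes and case so a naive string filter is not sidestepped."""
    for _ in range(2):
        url = unquote(url)
    return url.replace("\\", "/").lower()

def classify(line: str):
    """Return a finding dict for a suspicious request to the plugin, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    url = normalize_url(m.group("url"))
    if PLUGIN_PATH not in url:
        return None  # only requests aimed at this plugin are in scope
    reasons = []
    if "../" in url:
        reasons.append("path traversal")
    if "wp-config.php" in url:
        reasons.append("targets wp-config.php")
    if not reasons:
        return None
    return {"ip": m.group("ip"), "ts": m.group("ts"),
            "status": int(m.group("status")), "url": url, "reasons": reasons}

def scan(log_text: str) -> list:
    """Scan a whole log and return the list of findings in log order."""
    return [f for f in (classify(l) for l in log_text.splitlines()) if f]

# Constructed sample log (TEST-NET addresses); line 2 is double-encoded,
# line 3 is benign plugin traffic, line 4 is traversal outside the plugin.
SAMPLE_LOG = """\
203.0.113.5 - - [25/Apr/2025:10:01:02 +0000] "GET /wp-content/plugins/database-toolset/wp-delete-file.php?file=../../../../wp-config.php HTTP/1.1" 200 512 "-" "curl/8.0"
203.0.113.5 - - [25/Apr/2025:10:01:03 +0000] "GET /wp-content/plugins/database-toolset/wp-delete-file.php?file=..%252F..%252Fwp-config.php HTTP/1.1" 200 512 "-" "curl/8.0"
198.51.100.7 - - [25/Apr/2025:10:02:00 +0000] "GET /wp-content/plugins/database-toolset/assets/style.css HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
192.0.2.9 - - [25/Apr/2025:10:03:00 +0000] "GET /index.php?p=../../etc/passwd HTTP/1.1" 404 100 "-" "-"
"""

if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f"{f['ts']} {f['ip']} {f['status']} {', '.join(f['reasons'])}: {f['url']}")
```

A 200 status on a flagged line means the handler answered the request; treat the host as possibly compromised and check whether wp-config.php and other flagged targets still exist and are unmodified.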
Exploit Status
EPSS: 4.41% (89th percentile)
The primary mitigation for CVE-2025-3065 is to immediately upgrade the Database Toolset plugin to version 1.8.5 or later. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider implementing temporary workarounds. While a direct WAF rule to prevent file deletion is difficult, restricting file access permissions on the server can limit the damage. Carefully review file permissions to ensure that the WordPress user only has the necessary access. After upgrading, verify the fix by attempting to access a non-existent file via the vulnerable endpoint; it should return a 404 error instead of allowing deletion.
Update the Database Toolset plugin to version 1.8.5 or later to mitigate the arbitrary file deletion vulnerability. This update corrects the lack of adequate file path validation, so that unauthenticated attackers can no longer delete sensitive files on the server, such as wp-config.php.
CVE-2025-3065 is a critical vulnerability in the Database Toolset WordPress plugin allowing unauthenticated attackers to delete arbitrary files, potentially leading to remote code execution.
You are affected if you are using Database Toolset versions 1.0.0 through 1.8.4. Immediately check your plugin version and upgrade if necessary.
Upgrade the Database Toolset plugin to version 1.8.5 or later. If upgrading is not possible, implement temporary workarounds like restricting file permissions.
While active exploitation is not yet confirmed, the vulnerability's severity and ease of exploitation suggest a high probability of exploitation. Monitor security advisories.
Refer to the official Database Toolset plugin website and WordPress.org plugin repository for the latest security advisory and update information.