Age Gate <= 3.5.3 - Unauthenticated Local PHP File Inclusion via the 'lang' Parameter
Platform
wordpress
Component
age-gate
Fixed version
3.5.4
CVE-2025-2505 describes a critical Local PHP File Inclusion (LFI) vulnerability discovered in the Age Gate plugin for WordPress. This flaw allows unauthenticated attackers to include and execute arbitrary PHP files on the server, potentially leading to complete system compromise. The vulnerability affects versions from 0.0.0 up to and including 3.5.3, and a patch is available in version 3.5.4.
Impact and attack scenarios
The impact of this vulnerability is severe. An attacker can leverage the 'lang' parameter to include and execute malicious PHP code. This could involve uploading a seemingly harmless file (like an image) and then including it via the LFI vulnerability. Successful exploitation allows attackers to bypass access controls, steal sensitive data stored on the server (database credentials, configuration files), and ultimately achieve remote code execution. The attacker effectively gains control over the WordPress instance and potentially the underlying server. This is akin to a remote code execution (RCE) vulnerability, albeit requiring local file upload as a prerequisite.
Exploitation context
This vulnerability was publicly disclosed on March 20, 2025. While no active exploitation campaigns have been publicly confirmed, the critical severity and ease of exploitation make it a high-priority target. The vulnerability is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are likely to emerge, increasing the risk of widespread exploitation.
Who is at risk
WordPress websites utilizing the Age Gate plugin, particularly those running older versions (0.0.0–3.5.3), are at significant risk. Shared hosting environments are especially vulnerable as they often have limited access controls and a higher concentration of vulnerable plugins. Websites with lax file upload policies are also at increased risk.
Detection steps
• wordpress / plugin: wp plugin list | grep age-gate
• wordpress / plugin: Check the plugin version using wp plugin list; versions below 3.5.4 are affected.
• wordpress / server: Examine WordPress access logs for requests containing suspicious 'lang' parameters, such as those attempting to include system files (e.g., /etc/passwd).
• wordpress / server: Monitor WordPress error logs for PHP inclusion errors related to the 'lang' parameter.
• generic web: Use curl to test the Age Gate endpoint with various 'lang' parameters to see if arbitrary file inclusion is possible. curl 'https://example.com/wp-content/plugins/age-gate/age-gate.php?lang=/etc/passwd'
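Attack timeline
- Disclosure
Threat intelligence
Exploitation status
EPSS
2.01% (84th percentile)
CISA SSVC
CVSS vector
What do these metrics mean?
- Attack Vector
- Network: remotely exploitable over the internet, with no physical or local access required. Largest attack surface.
- Attack Complexity
- Low: no special conditions are required; the vulnerability can be exploited reliably.
- Privileges Required
- None: no authentication is required; exploitable without credentials.
- User Interaction
- None: the attack is automatic and silent; the victim does not need to do anything.
- Scope
- Unchanged: the impact is limited to the vulnerable component itself.
- Confidentiality
- High: total loss of confidentiality; the attacker can read all data.
- Integrity
- High: the attacker can write, modify or delete any data.
- Availability
- High: complete crash or resource exhaustion; total denial of service.
Affected software
Package information
- Active installs
- 40K known
- Plugin rating
- 4.6
- Requires WordPress version
- 6.0.0+
- Compatible up to
- 6.8.5
- Requires PHP version
- 7.4+
Weakness classification (CWE)
Timeline
- Reserved
- Published
- Modified
- EPSS updated
Mitigations and workarounds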
The primary mitigation is to immediately upgrade the Age Gate plugin to version 3.5.4 or later. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider temporarily restricting file uploads to only explicitly allowed file types. Implement strict input validation on the 'lang' parameter to prevent malicious file inclusions. Web Application Firewalls (WAFs) configured to detect and block attempts to include arbitrary files can provide an additional layer of defense. Monitor WordPress logs for unusual file inclusion attempts, specifically targeting the 'lang' parameter. A YARA rule could be created to detect the presence of malicious PHP files uploaded via this vulnerability.
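The access-log review from the detection steps and the log monitoring recommended above can be automated with the sketch below. It is an added example, not code from this advisory or from the Age Gate project; the locale-code allowlist pattern is an assumption about what legitimate 'lang' values look like, and the sample log lines are constructed.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Assumption: legitimate 'lang' values are locale codes such as en, en_GB, pt-BR.
LOCALE_RE = re.compile(r"[A-Za-z]{2,3}(?:[_-][A-Za-z0-9]{2,8})?")
# Combined log format: ip ident user [time] "METHOD target PROTO" status ...
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3})')

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [21/Mar/2025:10:01:02 +0000] "GET /?lang=en_GB HTTP/1.1" 200 5120',
    '198.51.100.23 - - [21/Mar/2025:10:02:10 +0000] "GET /wp-content/plugins/age-gate/age-gate.php?lang=/etc/passwd HTTP/1.1" 200 812',
    '198.51.100.23 - - [21/Mar/2025:10:02:14 +0000] "GET /wp-content/plugins/age-gate/age-gate.php?lang=%252e%252e%252fuploads%252fa.jpg HTTP/1.1" 500 0',
    '203.0.113.9 - - [21/Mar/2025:10:03:00 +0000] "GET /shop/?page=2 HTTP/1.1" 200 901',
]

def fully_decode(value, max_rounds=3):
    """Undo nested percent-encoding (%252e -> %2e -> .) so encoded paths become visible."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify_lang(value):
    """Return None for a locale-shaped value, otherwise a short reason string."""
    v = fully_decode(value)
    if LOCALE_RE.fullmatch(v):
        return None
    if "\x00" in v:
        return "null byte"
    if ".." in v or "/" in v or "\\" in v:
        return "path characters"
    return "not a locale code"

def suspicious_lang_requests(lines):
    """Yield one record per request whose 'lang' query value fails the allowlist."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format line
        ip, ts, _method, target, status = m.groups()
        for key, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
            reason = classify_lang(value) if key == "lang" else None
            if reason:
                hits.append({"ip": ip, "time": ts, "status": int(status),
                             "lang": fully_decode(value), "reason": reason})
    return hits

if __name__ == "__main__":
    for hit in suspicious_lang_requests(SAMPLE_LOG):
        print(hit)
```

Access logs record only the request line, so a 'lang' value sent in a POST body or cookie will not show up here; pair this with the PHP error-log check for inclusion failures.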
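How to fix
Update the Age Gate plugin to version 3.5.4 or later to mitigate the PHP file inclusion vulnerability. This update fixes the handling of the 'lang' parameter, preventing the inclusion of arbitrary files.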
Frequently asked questions
What is CVE-2025-2505 — LFI in Age Gate WordPress Plugin?
CVE-2025-2505 is a critical Local PHP File Inclusion vulnerability affecting the Age Gate WordPress plugin, allowing attackers to execute arbitrary code.
Am I affected by CVE-2025-2505 in Age Gate WordPress Plugin?
You are affected if you are using Age Gate plugin versions 0.0.0 through 3.5.3. Check your plugin version immediately.
How do I fix CVE-2025-2505 in Age Gate WordPress Plugin?
Upgrade the Age Gate plugin to version 3.5.4 or later to resolve the vulnerability. Consider temporary mitigations if immediate upgrade is not possible.
Is CVE-2025-2505 being actively exploited?
While no active exploitation campaigns have been confirmed, the vulnerability's severity and ease of exploitation make it a high-priority target.
Where can I find the official Age Gate advisory for CVE-2025-2505?
Check the Age Gate plugin's official website or WordPress plugin repository for the latest advisory and update information.