CVE-2023-25995
BaseFortify
Publication date: 2025-06-06
Last updated on: 2026-04-28
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-98 | The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2023-25995 is a Local File Inclusion (LFI) vulnerability in the WordPress AI Mortgage Calculator plugin up to version 1.0.1. It allows an attacker with at least Contributor-level privileges to include and display local files from the target website. This means the attacker can access sensitive files on the server, such as those containing database credentials, by exploiting improper control of filenames in PHP include/require statements. [1]
How can this vulnerability impact me? :
This vulnerability can lead to exposure of sensitive files on the server, including database credentials. Depending on the server configuration, this could result in a complete database takeover. Although the CVSS score is 7.5 indicating moderate severity, the exploitability is limited. However, if exploited, it can cause significant confidentiality, integrity, and availability impacts to the affected system. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection involves monitoring for attempts to exploit the Local File Inclusion vulnerability by checking web server logs for suspicious requests that include file path traversal patterns or attempts to include local files via the AI Mortgage Calculator plugin. Specific commands depend on your environment, but for example, you can use grep to search web server logs for suspicious parameters related to file inclusion, such as: 1. grep -i 'include' /var/log/apache2/access.log 2. grep -E '\.\./|include' /var/log/apache2/access.log Additionally, monitoring for unusual file access or errors related to file inclusion in logs can help detect exploitation attempts. Since the vulnerability requires at least Contributor-level privileges, reviewing user activity and permissions in WordPress may also help detect suspicious behavior. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying virtual patching (vPatching) provided by Patchstack, which can auto-mitigate the vulnerability even without an official fix. Users should monitor for updates from the plugin developer or Patchstack, restrict user privileges to the minimum necessary (especially limiting Contributor-level access), and consider professional incident response if compromise is suspected. Since no official patch is currently available, virtual patching and strict access control are the best immediate defenses. [1]