CVE-2025-48267
BaseFortify
Publication date: 2025-06-09
Last updated on: 2026-04-28
Assigner: Patchstack
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| thimpress | wp_pipes | up to 1.4.3 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an Arbitrary File Deletion issue in the WordPress WP Pipes plugin (versions up to 1.4.2). It allows unauthenticated attackers to delete arbitrary files on the affected website by exploiting a Path Traversal flaw. This means attackers can remove critical files, potentially causing the website to break or stop functioning. The vulnerability falls under Broken Access Control and is considered highly dangerous and easy to exploit. [1]
How can this vulnerability impact me?
If exploited, this vulnerability can allow attackers to delete important files on your website without authentication. This can lead to your site breaking, ceasing to function, or suffering data loss. Because critical core files can be removed, the website's availability and integrity are at serious risk. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves monitoring for attempts to exploit arbitrary file deletion via path traversal in the WP Pipes plugin up to version 1.4.2. Since the vulnerability allows unauthenticated attackers to delete files, you can check web server logs for suspicious requests containing path traversal patterns (e.g., `../`). Additionally, server-side malware scanning is recommended as plugin-based scanners may be unreliable. Specific commands are not provided in the resources, but reviewing access logs with commands like `grep "\.\./" /var/log/apache2/access.log` or equivalent for your web server may help identify exploitation attempts. [1]
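The grep above only matches a literal `../`; requests that percent-encode or double-encode the traversal sequence (`%2e%2e%2f`, `%252e%252e%252f`) or use backslashes slip past it. The following added example (not code from BaseFortify, Patchstack or the WP Pipes project) decodes each request target from Apache/nginx combined-format access-log lines before looking for a `..` segment in the path or any query value. The log lines are constructed for the example, and the `action` parameter is a placeholder, since the advisory does not name the vulnerable endpoint.

```python
import re
from urllib.parse import unquote
# Apache/nginx "combined" access-log prefix: client, identd, user, [timestamp], "METHOD target PROTO", status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

def decode_target(target: str, rounds: int = 2) -> str:
    """Percent-decode up to `rounds` times (catches %2e%2e%2f and double-encoded %252e),
    then fold backslashes into '/' so a '..\\' step is treated like '../'."""
    out = target
    for _ in range(rounds):
        nxt = unquote(out)
        if nxt == out:
            break
        out = nxt
    return out.replace("\\", "/")

def is_traversal(target: str) -> bool:
    """True when the decoded path or any query value contains a '..' segment.
    Segment-based matching avoids flagging harmless names such as 'photo...jpg'."""
    decoded = decode_target(target)
    path, _, query = decoded.partition("?")
    segments = path.split("/")
    for pair in query.split("&"):
        segments.extend(pair.partition("=")[2].split("/"))
    return any(seg == ".." for seg in segments)

def scan_log(lines):
    """Return one dict per request whose target walks upward with '..'."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and is_traversal(m["target"]):
            hits.append({"ip": m["ip"], "time": m["ts"], "target": m["target"], "status": int(m["status"])})
    return hits

# Constructed sample log lines (documentation IPs, placeholder 'action' parameter; not real traffic).
SAMPLE_LOG = [
    '203.0.113.10 - - [09/Jun/2025:10:00:01 +0000] "GET /wp-content/plugins/ HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.10 - - [09/Jun/2025:10:00:02 +0000] "GET /wp-admin/admin-ajax.php?action=example&file=../../index.php HTTP/1.1" 200 0 "-" "curl/8.0"',
    '198.51.100.7 - - [09/Jun/2025:10:00:03 +0000] "GET /wp-admin/admin-ajax.php?action=example&file=%2e%2e%2f%2e%2e%2findex.php HTTP/1.1" 200 0 "-" "curl/8.0"',
    '198.51.100.7 - - [09/Jun/2025:10:00:04 +0000] "GET /index.php?p=..%252f..%252f.htaccess HTTP/1.1" 200 0 "-" "curl/8.0"',
    '192.0.2.5 - - [09/Jun/2025:10:00:05 +0000] "GET /wp-content/uploads/2025/06/photo...jpg HTTP/1.1" 200 34 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(f'{hit["time"]} {hit["ip"]} {hit["status"]} {hit["target"]}')
```

Against the sample, only the three encoded or literal traversal requests are reported; the `photo...jpg` request is not. To run it over a real log, pass `open("/var/log/apache2/access.log")` to `scan_log` instead of `SAMPLE_LOG`.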
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include updating the WP Pipes plugin to version 1.4.3 or later, which contains the fix for this vulnerability. If updating immediately is not possible, applying the virtual patch (vPatch) provided by Patchstack can block attacks until the official update is applied. Additionally, enabling auto-update features for vulnerable plugins can help prevent exploitation. If compromise is suspected, seek professional incident response services or perform server-side malware scanning. [1]