CVE-2025-49295
BaseFortify
Publication date: 2025-06-09
Last updated on: 2026-04-23
Assigner: Patchstack
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: | |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| qodeinteractive | mediclinic | to 2.2 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-35 | The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '.../...//' (doubled triple dot slash) sequences that can resolve to a location that is outside of that directory. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-49295 is a Local File Inclusion (LFI) vulnerability in the WordPress MediClinic Theme up to version 2.1. It allows an unauthenticated attacker to include and display local files from the target website, potentially exposing sensitive information such as database credentials. This vulnerability falls under the OWASP Top 10 category A3: Injection and can be exploited without any privileges. [1]
How can this vulnerability impact me?
This vulnerability can lead to exposure of sensitive information like database credentials and, depending on the website's configuration, could result in a complete database takeover. It is highly dangerous due to the possibility of widespread automated attacks and requires no privileges to exploit. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection can involve monitoring for attempts to exploit Local File Inclusion (LFI) by looking for suspicious HTTP requests that include file path traversal patterns targeting the MediClinic theme. Specific commands are not provided in the resources, but generally, you can use web server log analysis tools or commands like `grep` to search for suspicious URL parameters containing `../` or similar patterns in access logs. For example: `grep -E "(\.{2}/|etc/passwd)" /var/log/apache2/access.log`. Additionally, monitoring for unusual file inclusion attempts or unexpected file reads related to the MediClinic theme may help detect exploitation attempts. [1]
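As an added example, not part of the BaseFortify page or the Patchstack advisory, the POSIX shell script below extends the grep above so it also catches the URL-encoded form of `../` and the CWE-35 `.../...//` form, and restricts hits to requests that touch the MediClinic theme path. The log lines are constructed samples; the request parameter name `file` in them is a placeholder, since the advisory does not name the vulnerable parameter.

```shell
#!/bin/sh
# Added example, not from the advisory: flag path-traversal attempts aimed at
# the MediClinic theme in an access log. Extends the page's grep with the
# URL-encoded form (%2e%2e/) and the CWE-35 '.../...//' form.
# The theme path is the standard WordPress layout; the parameter name 'file'
# in the constructed samples is a placeholder (the advisory names none).

THEME_PATH='/wp-content/themes/mediclinic/'
# Case-insensitive ERE: plain, encoded and CWE-35 traversal, or a classic probe target.
TRAVERSAL_RE='\.\.(/|%2f)|%2e%2e(/|%2f)|\.\.\./\.\.\.//|etc/passwd'

# Write constructed sample lines (Apache combined log format) to the file in $1.
write_sample_log() {
    cat > "$1" <<'EOF'
203.0.113.5 - - [09/Jun/2025:10:00:01 +0000] "GET /wp-content/themes/mediclinic/style.css HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.7 - - [09/Jun/2025:10:00:02 +0000] "GET /wp-content/themes/mediclinic/?file=../../../../etc/passwd HTTP/1.1" 200 1200 "-" "curl/8.0"
198.51.100.9 - - [09/Jun/2025:10:00:03 +0000] "GET /wp-content/themes/mediclinic/?file=%2E%2E%2F%2E%2E%2Fetc%2Fpasswd HTTP/1.1" 200 1200 "-" "python-requests/2.31"
198.51.100.9 - - [09/Jun/2025:10:00:04 +0000] "GET /wp-content/themes/mediclinic/?file=.../...//.../...//etc/passwd HTTP/1.1" 200 1200 "-" "python-requests/2.31"
192.0.2.4 - - [09/Jun/2025:10:00:05 +0000] "GET /index.php?p=../../etc/passwd HTTP/1.1" 404 200 "-" "curl/8.0"
203.0.113.5 - - [09/Jun/2025:10:00:06 +0000] "GET /index.php HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
EOF
}

# Print lines that touch the theme path AND carry a traversal pattern.
# The index.php probe in the sample is deliberately excluded; drop the
# first grep for site-wide coverage.
scan_lfi_attempts() {
    grep -F "$THEME_PATH" "$1" | grep -iE "$TRAVERSAL_RE"
}

# Number of hits (prints 0 rather than failing when nothing matches).
count_lfi_attempts() {
    scan_lfi_attempts "$1" | wc -l | tr -d ' '
}

# Distinct source IPs behind the hits, for triage or blocking.
lfi_source_ips() {
    scan_lfi_attempts "$1" | awk '{print $1}' | sort -u
}

# Stand-alone run against the constructed sample.
tmp=$(mktemp); write_sample_log "$tmp"
echo "hits: $(count_lfi_attempts "$tmp")"; lfi_source_ips "$tmp"; rm -f "$tmp"
```

Point `scan_lfi_attempts` at a real access log to use it; a 200 response on a matched line deserves priority over a 404, since the latter suggests the probe failed.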
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying the virtual patch (vPatch) provided by Patchstack to block attacks targeting this vulnerability until you can update. The definitive fix is to update the MediClinic WordPress theme to version 2.2 or later, which addresses the Local File Inclusion vulnerability. Patchstack recommends either immediate mitigation using the vPatch or updating to the fixed version to prevent exploitation. [1]