CVE-2025-49448
BaseFortify
Publication date: 2025-06-27
Last updated on: 2026-04-28
Assigner: Patchstack
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an arbitrary file deletion issue in the WordPress FW Food Menu plugin (up to version 6.0.0). It allows unauthenticated attackers to delete arbitrary files on the affected website by exploiting a path traversal flaw. This means attackers can remove critical core files, potentially causing the website to malfunction or become completely inoperable. [1]
How can this vulnerability impact me?
The impact of this vulnerability includes the potential deletion of important files on your website without any authentication, which can lead to site malfunction or complete inoperability. Because attackers can delete arbitrary files, this can disrupt services, cause data loss, and require significant recovery efforts. The vulnerability has a high severity score (CVSS 8.6) and is likely to be exploited widely. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection involves monitoring for exploitation attempts targeting the arbitrary file deletion vulnerability in the FW Food Menu plugin. Since the vulnerability allows unauthenticated arbitrary file deletion, suspicious HTTP requests attempting path traversal or file deletion should be logged and analyzed. Patchstack recommends professional incident response and server-side malware scanning, as plugin-based malware scanners may be unreliable. Specific commands are not provided in the resources. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying the Patchstack virtual patch (vPatch) released to block exploitation attempts until an official fix is available. This virtual patch can be safely applied and tested to protect websites immediately. Additionally, professional incident response and server-side malware scanning are recommended if compromise is suspected. Since no official patch is currently available, relying on the virtual patch and monitoring is critical. [1]