CVE-2025-49451
Status: Awaiting Analysis
BaseFortify

Publication date: 2025-06-17

Last updated on: 2026-04-28

Assigner: Patchstack

Description
Path Traversal: '.../...//' vulnerability in yannisraft Aeroscroll Gallery – Infinite Scroll Image Gallery & Post Grid with Photo Gallery (aeroscroll-gallery) allows Path Traversal. This issue affects Aeroscroll Gallery – Infinite Scroll Image Gallery & Post Grid with Photo Gallery: from n/a through <= 1.0.13.
CVSS Scores: none listed on this page
EPSS Scores: probability and percentile not listed on this page
Meta Information
Published: 2025-06-17
Last Modified: 2026-04-28
Generated: 2026-05-07
AI Q&A: 2025-06-17
EPSS Evaluated: 2026-05-05
External references: NVD, EUVD
Affected Vendors & Products: Currently, no data is known (the description above names the vendor yannisraft and the plugin slug aeroscroll-gallery).
Exploitability
CWE: CWE-35
KEV: no listing shown on this page
CWE ID Description
CWE-35: The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '.../...//' (doubled triple dot slash) sequences that can resolve to a location that is outside of that directory.
Attack-Flow Graph: (graph not reproduced in text)
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a high-severity (as rated by the cited source; no CVSS vector is listed on this page) Directory Traversal (Path Traversal) issue in the WordPress plugin Aeroscroll Gallery – Infinite Scroll Image Gallery & Post Grid with Photo Gallery, affecting versions up to and including 1.0.13 as listed in the CVE description above. It allows unauthenticated attackers to access and enumerate files and directories outside the directory the plugin is meant to serve, potentially exposing sensitive information (on a WordPress site, wp-config.php with its database credentials is the usual target) or enabling further exploitation of the system. The assigned weakness, CWE-35, covers the specific case where input such as '.../...//' is not neutralized: a filter that strips '../' in a single pass turns each '.../...//' into exactly '../', so the traversal survives the filter. It falls under OWASP Top 10 (2021) category A01: Broken Access Control. [1]
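The mechanism behind CWE-35, as an added example that is not the plugin's code (the plugin is PHP; this is Python): a naive single-pass '../' filter, the vulnerable resolver that trusts it, and a hardened resolver that checks the resolved path instead of stripping strings. The directory layout, the gallery root under wp-content/plugins/aeroscroll-gallery/images, and the file names are constructed for the demo, not taken from the plugin.

```python
"""Added example (not the plugin's code): why the CWE-35 pattern '.../...//'
defeats a naive '../' filter, and a hardened resolver that checks the resolved
path instead of stripping strings. Layout and file names are constructed."""
import os
import tempfile
from typing import Optional
from urllib.parse import unquote


def naive_sanitize(user_path: str) -> str:
    """The flawed pattern CWE-35 describes: remove '../' in a single pass.
    Each '.../...//' loses its two inner '../' and collapses to '../';
    '....//' collapses the same way."""
    return user_path.replace("../", "")


def resolve_unsafe(root: str, user_path: str) -> str:
    """Vulnerable: trusts the 'sanitized' string and never checks where the
    joined path ends up."""
    return os.path.normpath(os.path.join(root, naive_sanitize(user_path)))


def resolve_safe(root: str, user_path: str) -> Optional[str]:
    """Hardened: resolve dot segments and symlinks with realpath, then require
    the result to stay under root. Returns None to reject. The caller must
    still check that the result exists and is a regular file."""
    root_real = os.path.realpath(root)
    candidate = os.path.realpath(os.path.join(root_real, user_path))
    if os.path.commonpath([root_real, candidate]) != root_real:
        return None
    return candidate


def demo() -> dict:
    """Constructed layout (assumed, not the plugin's real one):
    <base>/wp-content/plugins/aeroscroll-gallery/images is the gallery root and
    <base>/wp-config.php is the target four directory levels above it."""
    base = os.path.realpath(tempfile.mkdtemp())
    root = os.path.join(base, "wp-content", "plugins", "aeroscroll-gallery", "images")
    os.makedirs(root)
    open(os.path.join(root, "photo.jpg"), "w").close()
    target = os.path.join(base, "wp-config.php")
    open(target, "w").close()

    payload = ".../...//" * 4 + "wp-config.php"   # CWE-35 form, one per level
    stripped = naive_sanitize(payload)            # what the filter leaves behind
    inside = resolve_safe(root, payload)          # raw payload, no stripping
    return {
        "naive_sanitized": stripped,
        "unsafe_escapes": resolve_unsafe(root, payload) == target,
        # The hardened resolver never strips, so the literal '...' segments
        # stay under root (and would simply fail to exist).
        "payload_stays_in_root": inside is not None and inside.startswith(root + os.sep),
        "safe_rejects_dotdot": resolve_safe(root, stripped) is None,
        "safe_rejects_encoded": resolve_safe(root, unquote("%2e%2e/" * 4 + "wp-config.php")) is None,
        "safe_allows_legit": resolve_safe(root, "photo.jpg") == os.path.join(root, "photo.jpg"),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The point of the hardened version is that it never tries to recognise bad strings: whatever the input looks like, the only question asked is whether the fully resolved path is still under the gallery root. Percent-decoding is done once at the boundary (by the web server or, here, with unquote) before the check, so encoded variants get the same treatment.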


How can this vulnerability impact me?

This vulnerability can allow attackers to access sensitive files and directories on your system without authentication, which may lead to exposure of confidential information or enable further attacks on your website or server. At the time this answer was generated no official patch was listed, so a site running an affected version remains at high risk of exploitation unless the available virtual patch is applied to block attack attempts; check the plugin's changelog for a release newer than 1.0.13 before relying on a version number alone. [1]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

Detection focuses on requests that try to reach files outside the plugin's directory. Plugin-based malware scanners run inside the same WordPress install and can be disabled or blinded by a compromise, so prefer evidence gathered outside it: web server access logs, reverse proxy or WAF logs, or network monitoring. Look for requests to the plugin path (/wp-content/plugins/aeroscroll-gallery/) whose path or query string contains traversal sequences after URL decoding: '../' and '..\', percent-encoded forms such as %2e%2e%2f (including double encoding, %252e%252e%252f), and the CWE-35 shapes '.../...//' and '....//' that survive a filter which strips '../' only once. Packet-capture tools such as tcpdump or Wireshark only show request URLs for plaintext HTTP; on an HTTPS site, rely on the server or proxy logs instead. To confirm exposure on a site you own, send a traversal request with curl and check whether file contents come back. The advisory does not name the vulnerable endpoint or parameter, so the following uses a placeholder 'file' parameter and the number of '../' segments needed depends on where the plugin is installed: curl -v "http://yourwebsite.com/wp-content/plugins/aeroscroll-gallery/?file=../../etc/passwd". A 200 response containing the file's contents indicates unsafe path handling. [1]
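The log-based detection described above, as an added example that is not from the advisory or the plugin: a Python scanner over web-server access log lines that URL-decodes each request target (repeatedly, to catch double encoding) and flags the plain, Windows-style and CWE-35 traversal shapes. The log lines are constructed, the IP addresses are documentation ranges, and the request path and 'file' parameter are placeholders, since the advisory does not identify the vulnerable endpoint or parameter.

```python
"""Added example (not from the advisory or the plugin): scan access logs for
traversal attempts aimed at the Aeroscroll Gallery plugin directory. Log lines
are constructed; paths and the 'file' parameter are placeholders."""
import re
from urllib.parse import unquote

# Specific CWE-35 shapes first so they are reported as such, then the plain
# POSIX and Windows forms. Applied after URL decoding.
TRAVERSAL = re.compile(r"\.\.\./\.\.\.//|\.\.\.\.//|\.\./|\.\.\\")

# Assumption: requests for the plugin land under this path.
PLUGIN_PATH = "/wp-content/plugins/aeroscroll-gallery/"

# Apache/nginx combined-log prefix: client, identd, user, time, request, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)


def decode_fully(s: str, rounds: int = 3) -> str:
    """Undo repeated percent-encoding until the string stops changing, so
    %252e%252e%252f (double-encoded '../') is seen for what it is."""
    for _ in range(rounds):
        decoded = unquote(s)
        if decoded == s:
            break
        s = decoded
    return s


def scan_line(line: str):
    """Return a finding dict for a traversal attempt, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    target = decode_fully(m.group("target"))
    hit = TRAVERSAL.search(target)
    if not hit:
        return None
    return {
        "ip": m.group("ip"),
        "time": m.group("ts"),
        "status": m.group("status"),
        "pattern": hit.group(0),
        "in_plugin": PLUGIN_PATH in target,
        "target": target,
    }


def scan(lines):
    """Scan an iterable of log lines (a file object works); returns findings."""
    return [f for f in (scan_line(line) for line in lines) if f]


# Constructed sample log: one benign asset request, four traversal attempts
# against the plugin path (plain, CWE-35, double-encoded, Windows-style) and
# one traversal attempt elsewhere on the site.
SAMPLE_LOG = [
    '203.0.113.5 - - [17/Jun/2025:10:00:01 +0000] "GET /wp-content/plugins/aeroscroll-gallery/assets/css/style.css HTTP/1.1" 200 3120 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [17/Jun/2025:10:00:02 +0000] "GET /wp-content/plugins/aeroscroll-gallery/?file=../../../../wp-config.php HTTP/1.1" 200 2911 "-" "curl/8.4.0"',
    '198.51.100.7 - - [17/Jun/2025:10:00:03 +0000] "GET /wp-content/plugins/aeroscroll-gallery/?file=.../...//.../...//wp-config.php HTTP/1.1" 200 2911 "-" "curl/8.4.0"',
    '198.51.100.7 - - [17/Jun/2025:10:00:04 +0000] "GET /wp-content/plugins/aeroscroll-gallery/?file=%252e%252e%252f%252e%252e%252fwp-config.php HTTP/1.1" 403 199 "-" "python-requests/2.31"',
    '198.51.100.7 - - [17/Jun/2025:10:00:05 +0000] "GET /index.php?p=../../etc/passwd HTTP/1.1" 404 512 "-" "python-requests/2.31"',
    '198.51.100.7 - - [17/Jun/2025:10:00:06 +0000] "GET /wp-content/plugins/aeroscroll-gallery/?file=..\\..\\wp-config.php HTTP/1.1" 200 2911 "-" "curl/8.4.0"',
]


if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        scope = "plugin" if f["in_plugin"] else "other"
        print(f'{f["time"]} {f["ip"]} {scope} {f["status"]} {f["pattern"]!r} {f["target"]}')
```

A 200 status on a flagged request is the line to investigate first: it means the traversal was not blocked and the server returned something. Access logs only record the request line, so traversal carried in a POST body needs the WAF or application log instead.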


What immediate steps should I take to mitigate this vulnerability?

Apply the virtual patch (vPatch) released by Patchstack, which blocks exploitation attempts until an official fix is available. If the virtual patch is not an option for you, deactivate the plugin until a release beyond the affected range (through 1.0.13) is published, and confirm in the plugin's changelog that the new release addresses this issue rather than relying on the version number alone. Monitor for signs of compromise, for example traversal requests in the access log that received a 200 response, and seek professional incident response services if a compromise is suspected. At the time this answer was generated no official fixed version was available, so the virtual patch was the primary recommended action. [1]

