CVE-2025-52811
BaseFortify
Publication date: 2025-06-27
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-35 | The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '.../...//' (doubled triple dot slash) sequences that can resolve to a location that is outside of that directory. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-52811 is a Local File Inclusion (LFI) vulnerability in the Davenport - Versatile Blog and Magazine WordPress Theme (up to version 1.3). It allows unauthenticated attackers to include and display local files from the target website. This can expose sensitive information such as database credentials and potentially lead to a complete database takeover depending on the website's configuration. [1]
How can this vulnerability impact me? :
This vulnerability can have a severe impact by allowing attackers to access sensitive files on your website without authentication. This may expose critical data like database credentials and could lead to a full database takeover. Such an attack compromises the confidentiality, integrity, and availability of your website and its data. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for exploitation attempts that try to include local files via the vulnerable WordPress theme. Since the vulnerability allows unauthenticated Local File Inclusion (LFI), suspicious HTTP requests containing path traversal patterns (e.g., '../') targeting the Davenport theme files should be inspected. However, plugin-based malware scanners may be unreliable for detection. Patchstack provides a high-priority virtual patch that blocks exploitation attempts, which can also help in detection. Specific commands are not provided in the resources. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying the high-priority virtual patch (vPatch) provided by Patchstack to block exploitation attempts until an official fix is released. Users should also consider professional incident response if their sites have been compromised. Since no official patch or fixed version is currently available, relying on virtual patching and monitoring is critical. [1]