CVE-2025-52814
BaseFortify
Publication date: 2025-06-27
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-98 | The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-52814 is a Local File Inclusion (LFI) vulnerability in the WordPress BRW plugin up to version 1.7.9. It allows unauthenticated attackers to include and display local files from the target website by exploiting improper control of filenames in PHP include/require statements. This can lead to exposure of sensitive files such as database credentials and potentially allow complete database takeover depending on the site configuration. [1]
How can this vulnerability impact me? :
This vulnerability can have severe impacts including unauthorized access to sensitive files on your website, such as configuration files containing database credentials. Exploitation could lead to a complete takeover of your database and potentially your entire website. Since the vulnerability is unauthenticated and has a high severity score, it poses a significant risk of mass exploitation by automated attacks targeting unpatched sites. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this Local File Inclusion vulnerability can be challenging as plugin-based malware scanners may be unreliable. Patchstack suggests monitoring for attack attempts that try to include local files via the vulnerable plugin. Specific commands are not provided in the resources. Users should consider using web application firewalls or intrusion detection systems with rules targeting LFI patterns related to the BRW plugin. Professional incident response is recommended if compromise is suspected. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation involves applying the virtual patch (vPatch) provided by Patchstack, which blocks attack attempts targeting this vulnerability without requiring plugin updates. Since no official fix or patched version is available yet, deploying this virtual patch is critical to protect the site. Additionally, users should monitor for signs of compromise and seek professional incident response if needed. [1]