CVE-2025-47695
BaseFortify
Publication date: 2025-09-09
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| solwin | blog_designer_pro | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-98 | The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an authenticated Local File Inclusion (LFI) issue in the WordPress Blog Designer PRO plugin (up to version 3.4.7). It allows an attacker with at least subscriber privileges to include and display local files from the target website. These files may contain sensitive information such as database credentials, potentially leading to a complete database takeover depending on the website's configuration. [1]
How can this vulnerability impact me? :
The vulnerability can lead to exposure of sensitive files on the server, including database credentials. This exposure can enable attackers to take over the database completely, compromising the website's confidentiality, integrity, and availability. It poses a high security risk with a CVSS score of 7.5 and can result in significant damage to the affected website. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves monitoring for exploitation attempts targeting the Local File Inclusion (LFI) in the Blog Designer PRO plugin. Since the vulnerability requires authenticated access with at least subscriber privileges, reviewing web server logs for suspicious include/require requests or unusual file access patterns related to the plugin is recommended. Additionally, professional incident response and server-side malware scanning are advised to detect potential compromises. Specific commands are not provided in the available resources. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying the virtual patch (vPatch) released by Patchstack, which blocks exploitation attempts until an official patch is available. It is recommended to implement this virtual patch promptly to protect affected sites. Additionally, conducting professional incident response and server-side malware scanning is advised if compromise is suspected. Avoid relying solely on plugin-based malware scanners as they can be tampered with. [1]