CVE-2025-58637
BaseFortify
Publication date: 2025-09-03
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| immonex | kickstart | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-98 | The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Local File Inclusion (LFI) issue in the WordPress immonex Kickstart Plugin versions up to 1.11.6. It allows an attacker with contributor-level privileges to include and display local files from the target website. This can expose sensitive information such as database credentials and potentially lead to a complete database takeover. The vulnerability arises from improper control of filenames used in PHP include/require statements. [1]
How can this vulnerability impact me? :
If exploited, this vulnerability can expose sensitive information on your website, including database credentials. Depending on your website's configuration, an attacker could use this information to take over your database completely. This can lead to data breaches, loss of data integrity, and availability issues. Immediate remediation by updating the plugin to version 1.11.13 or later is recommended. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves checking if the immonex Kickstart plugin version is up to 1.11.6 and monitoring for attempts to exploit Local File Inclusion (LFI). Since the vulnerability allows an attacker with contributor-level privileges to include local files, reviewing web server logs for suspicious include/require requests or unusual file access patterns can help. Additionally, professional incident response and server-side malware scanning are recommended to detect compromise. Specific commands are not provided in the resources. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include updating the immonex Kickstart plugin to version 1.11.13 or later, where the vulnerability is fixed. As an interim measure, Patchstack offers virtual patching (vPatching) that auto-mitigates the vulnerability even before official patches are applied. It is also advised to perform professional incident response and server-side malware scanning if compromise is suspected. [1]