CVE-2025-13322
BaseFortify
Publication date: 2025-11-21
Last updated on: 2025-11-21
Assigner: Wordfence
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wordpress | wp_audio_gallery | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-73 | The product allows user input to control or influence paths or file names that are used in filesystem operations. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the WP AUDIO GALLERY WordPress plugin (versions up to 2.0) where an AJAX handler called wpag_uploadaudio_callback() does not properly validate user-supplied file paths in the audio_upload parameter before using the unlink() function. This allows authenticated users with subscriber-level access or higher to delete arbitrary files on the server.
How can this vulnerability impact me? :
An attacker with subscriber-level access or above can delete arbitrary files on the server, including critical files such as wp-config.php. Deleting such critical files can lead to remote code execution, potentially compromising the entire server and website.