CVE-2025-12654
Unknown Unknown - Not Provided
Arbitrary Directory Creation in WPvivid Backup Plugin

Publication date: 2025-12-21

Last updated on: 2025-12-21

Assigner: Wordfence

Description
The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary directory creation in all versions up to, and including, 0.9.120. This is due to the check_filesystem_permissions() function not properly restricting the directories that can be created, or in what location. This makes it possible for authenticated attackers, with Administrator-level access and above, to create arbitrary directories.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-21
Last Modified
2025-12-21
Generated
2026-06-16
AI Q&A
2025-12-21
EPSS Evaluated
2026-06-14
NVD
CVE-2025-12654
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
wpvivid backup_migration 0.9.120
wpvivid backup_migration 0.9.121
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-73 The product allows user input to control or influence paths or file names that are used in filesystem operations.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the WPvivid Backup & Migration WordPress plugin (up to version 0.9.120) and allows authenticated users with Administrator-level access or higher to create arbitrary directories on the server. The issue arises because the function check_filesystem_permissions() does not properly restrict where or what directories can be created, enabling directory creation beyond intended limits. [3]

Impact Analysis

An attacker with Administrator-level access could exploit this vulnerability to create arbitrary directories on the server. This could potentially be used to store malicious files, interfere with site operations, or prepare for further attacks. Although the CVSS score is low (2.7), indicating limited impact, the ability to create directories arbitrarily can lead to increased risk of site compromise or data integrity issues. [3]

Detection Guidance

Detection of this vulnerability involves checking if the WPvivid Backup & Migration plugin version is 0.9.120 or earlier, as these versions allow arbitrary directory creation due to improper filesystem permission checks. Specifically, you can verify if the plugin attempts to create directories without proper restrictions by testing filesystem permissions similar to the plugin's AJAX permission check: attempt to create and delete a directory and a test file within it. Commands to manually test this on the server could include: 1) mkdir -p /path/to/testdir 2) touch /path/to/testdir/wpvividstg_test_file.txt 3) rm -rf /path/to/testdir If these commands succeed without proper restrictions, the system may be vulnerable. Additionally, monitoring WordPress admin AJAX calls related to staging site creation and filesystem permission checks (e.g., wp_ajax_wpvividstg_check_filesystem_permissions_free) can help detect exploitation attempts. However, no explicit detection commands are provided in the resources. [3]

Mitigation Strategies

Immediate mitigation steps include: 1) Updating the WPvivid Backup & Migration plugin to version 0.9.121 or later, where the vulnerability is addressed by improved filesystem permission checks and safer staging site creation processes. 2) Restricting administrator-level access to trusted users only, since exploitation requires authenticated admin privileges. 3) Monitoring and restricting AJAX endpoints related to staging and filesystem permissions to prevent unauthorized directory creation. 4) Ensuring proper filesystem permissions (e.g., directories set to 755) to prevent unauthorized directory or file creation by the plugin or attackers. These steps reduce the risk of arbitrary directory creation by authenticated attackers. [3, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-12654. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart