CVE-2025-14829
BaseFortify
Publication date: 2026-01-13
Last updated on: 2026-01-13
Assigner: WPScan
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| unknown_vendor | e_xact_hosted_payment | to 2.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the E-xact | Hosted Payment WordPress plugin version 2.0 and earlier. It allows unauthenticated attackers to delete arbitrary files on the server due to insufficient file path validation and missing authorization controls. Attackers can exploit this by sending a specially crafted POST request to the plugin's downloadBackup.php script, using parameters that specify which files to delete. Directory traversal techniques can be used to delete files beyond the intended scope, making the vulnerability critical. [1]
How can this vulnerability impact me?
This vulnerability can have a severe impact by allowing attackers without any authentication to delete arbitrary files on the server hosting the WordPress plugin. This could lead to loss of important data, disruption of services, potential server instability, and could be leveraged as part of a larger attack to compromise the server or website. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by sending a crafted POST request to the plugin's downloadBackup.php script with a parameter specifying a file to delete, such as "download_current_backup=readme.txt". Monitoring for such POST requests targeting downloadBackup.php with suspicious parameters can help detect exploitation attempts. For example, using curl to test: curl -X POST -d "download_current_backup=readme.txt" https://yourwordpresssite.com/wp-content/plugins/e-xact-hosted-payment/downloadBackup.php. Additionally, inspecting web server logs for unusual POST requests to this script with file deletion parameters can help identify attempts. [1]
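As an added example (not part of the BaseFortify page), a Python scanner that applies the log-inspection advice above to Apache/nginx combined-format access log lines: it flags any request to downloadBackup.php and adds further reasons when the download_current_backup parameter or a directory traversal sequence appears in the query string. The sample log lines and IP addresses are constructed, and the plugin path is assumed from the curl command above.

```python
import re
from urllib.parse import unquote

# Matches the common/combined access-log format used by Apache and nginx.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# Path of the vulnerable script as given in the advisory (compared case-insensitively).
ENDPOINT = "/wp-content/plugins/e-xact-hosted-payment/downloadbackup.php"
PARAM = "download_current_backup"
TRAVERSAL = re.compile(r"\.\.[/\\]")

def classify(line):
    """Return a finding dict for a request to downloadBackup.php, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    path, _, query = m.group("target").partition("?")
    if not path.lower().endswith(ENDPOINT):
        return None
    # Decode twice so double-encoded sequences such as %252e%252e are also caught.
    decoded = unquote(unquote(query)).lower()
    reasons = ["request to downloadBackup.php"]
    if m.group("method") == "POST":
        # Access logs do not record POST bodies, so the deletion parameter is
        # invisible here; a POST to this script is suspect on its own.
        reasons.append("POST to script (body not logged)")
    if PARAM in decoded:
        reasons.append("download_current_backup parameter present")
    if TRAVERSAL.search(decoded):
        reasons.append("directory traversal sequence in parameter")
    return {"ip": m.group("ip"), "time": m.group("time"),
            "status": m.group("status"), "reasons": reasons}

def scan(lines):
    """Run classify() over an iterable of log lines and keep the findings."""
    return [hit for hit in map(classify, lines) if hit]

# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    '198.51.100.7 - - [13/Jan/2026:09:58:01 +0000] "GET /index.php HTTP/1.1" 200 4120 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [13/Jan/2026:10:00:12 +0000] "POST /wp-content/plugins/e-xact-hosted-payment/downloadBackup.php HTTP/1.1" 200 0 "-" "curl/8.4.0"',
    '203.0.113.5 - - [13/Jan/2026:10:00:15 +0000] "GET /wp-content/plugins/e-xact-hosted-payment/downloadBackup.php?download_current_backup=..%2F..%2Fsome-file.txt HTTP/1.1" 200 0 "-" "curl/8.4.0"',
    '192.0.2.9 - - [13/Jan/2026:10:01:00 +0000] "GET /wp-content/plugins/other-plugin/downloadBackup.php HTTP/1.1" 404 210 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit["time"], hit["ip"], hit["status"], "; ".join(hit["reasons"]))
```

Because the access log carries no POST body, the parameter checks only fire when request-body or WAF logging is in place; a bare POST to the script is still flagged on its own.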
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the downloadBackup.php script, such as limiting access by IP address or disabling the script if not needed. Since there is currently no known fix for this vulnerability, it is recommended to monitor and block suspicious requests targeting this endpoint. Additionally, consider removing or disabling the e-xact-hosted-payment plugin until a patch is available to prevent exploitation. [1]