CVE-2025-69046
BaseFortify
Publication date: 2026-01-22
Last updated on: 2026-01-29
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| patchstack | irecco_core | From 1.3.6|end_including=1.3.6 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-98 | The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-69046 is a Local File Inclusion (LFI) vulnerability in the WordPress iRecco Core Plugin versions up to and including 1.3.6. It allows unauthenticated attackers to include and display local files from the target website. This can expose sensitive information such as database credentials and potentially lead to a complete database takeover depending on the website's configuration. [1]
How can this vulnerability impact me? :
This vulnerability can have a severe impact by allowing attackers to access sensitive files on your website without authentication. This can lead to exposure of critical data like database credentials and may result in a complete takeover of your database, compromising the security and integrity of your website and its data. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection can involve monitoring web server logs for suspicious requests attempting to include local files via the vulnerable parameter in the iRecco Core Plugin. Since this is a Local File Inclusion vulnerability exploitable without authentication, look for HTTP requests containing file inclusion patterns such as '../' sequences or attempts to access sensitive files like /etc/passwd. Specific commands are not provided in the resources, but common approaches include using tools like grep on access logs to find suspicious URL patterns or employing web application scanners that detect LFI vulnerabilities. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation involves applying the Patchstack mitigation rule designed to block attacks targeting this vulnerability, as no official patch is available yet. Users are strongly advised to implement this mitigation immediately to protect their websites from exploitation. Additionally, restricting access to the vulnerable plugin or disabling it until a patch is released can reduce risk. [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability can lead to unauthorized access and exposure of sensitive information such as database credentials, which may result in data breaches. Such breaches can cause non-compliance with data protection regulations like GDPR and HIPAA, as these standards require protection of personal and sensitive data against unauthorized access. Therefore, exploitation of this vulnerability poses a significant risk to compliance with these common standards and regulations. [1]