CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Description
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in spicethemes Spice Blocks allows Path Traversal. This issue affects Spice Blocks: from n/a through 2.0.7.2.
Analysis
Path traversal vulnerability in Spice Blocks (a WordPress plugin by spicethemes) affecting all versions through 2.0.7.2. It allows unauthenticated remote attackers to read files outside the directory the plugin intends to expose, which on a typical host means any file the web server user can read. The CVSS 3.1 vector above scores 7.5 (High): network attack vector, low attack complexity, no privileges and no user interaction required, high confidentiality impact, and no integrity or availability impact. That makes it a significant information-disclosure risk for every WordPress installation with the plugin active. The vulnerable endpoint and request parameter are not named in the description above, so detection and WAF rules have to key on the plugin directory rather than on a specific parameter.
Technical Context
This vulnerability is a classic CWE-22 (Improper Limitation of a Pathname to a Restricted Directory) flaw in the Spice Blocks WordPress plugin. The plugin fails to properly validate or canonicalise a file path it builds from request input, so an attacker can supply traversal sequences ('../', '..\', their percent-encoded and double-encoded forms such as '%2e%2e%2f' and '%252e%252e%252f', or an absolute path) to navigate outside the intended directory and read files that should be off limits. Note that the web server and PHP decode the request before plugin code sees it, so a filter that looks for the literal '../' in the raw value, or that strips '../' once, is bypassable; the reliable fix is to resolve the final path and prove it still lies inside the allowed base directory. A WordPress plugin runs inside the PHP worker process with that process's operating-system privileges (typically a user such as www-data), so successful exploitation can read anything that user can read: wp-config.php (which must be readable by PHP and contains the database credentials and authentication salts), .env files, private keys, backups, and other sensitive data in the hosting environment. The CVSS vector records a read-only primitive (C:H, I:N, A:N), but database credentials disclosed this way frequently chain to full site compromise when the database is reachable from the attacker's position. The vulnerability is particularly dangerous because it requires no authentication (PR:N) and no user interaction (UI:N), meaning any unauthenticated internet user can exploit it with a single HTTP request.
Affected Products
Product: Spice Blocks (WordPress Plugin) | Vendor: spicethemes | Affected Versions: all versions from the initial release through 2.0.7.2 (inclusive); the fixed release is not stated on this page | Attack Vector: Network | Authentication: Not required | User Interaction: Not required | Scope: Unchanged. An illustrative CPE 2.3 match string (not taken from an official CPE dictionary entry) would be cpe:2.3:a:spicethemes:spice-blocks:*:*:*:*:*:wordpress:*:* with version constraint <=2.0.7.2. The description identifies no enterprise- or cloud-specific configuration, so the issue should be assumed to affect every standard WordPress installation with Spice Blocks installed and active.
Remediation
Immediate actions: (1) WordPress administrators running Spice Blocks should update to a release newer than 2.0.7.2 as soon as one is published; check the plugin changelog to confirm the release actually addresses this issue. (2) If no fixed release is available, deactivate the Spice Blocks plugin until a patch ships; deactivation alone may not be enough if the vulnerable file is reachable directly under /wp-content/plugins/spice-blocks/ without going through WordPress, so removing the plugin directory is the safer interim step. (3) Apply Web Application Firewall (WAF) rules that block traversal patterns in requests to the plugin directory: '../' and '..\', the percent-encoded forms '%2e%2e/' and '%2e%2e%2f', double-encoded forms such as '%252e%252e%252f', and the request parameters themselves after decoding, since a rule that inspects only the raw URL misses encoded variants. Detection: (4) Search web server access logs (Apache/Nginx) for requests to /wp-content/plugins/spice-blocks/ (or wherever the plugin is installed) whose URL-decoded target contains '../' or '..\'; the access log records the request line as the client sent it, so search for the encoded forms as well as the literal sequence. Keep in mind that traversal sent in a POST body does not appear in the access log at all, so absence of hits is not proof of absence. (5) For each hit, note the response status and size: a 200 with a body consistent with the targeted file (for example a few kilobytes for wp-config.php) indicates a successful read, and the credentials and salts in that file should then be rotated. Long-term: (6) Monitor spicethemes' official website, the WordPress plugin repository, and security advisories for patch releases. (7) Once a fix is available, update to the latest stable version immediately. (8) Consider replacing the plugin if spicethemes does not provide timely security updates.
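The log review in steps (4) and (5), as an added example that is not part of the vuln.today page or of spicethemes' tooling. It assumes the Apache/Nginx combined log format and uses the plugin directory named above as the path filter; the log lines are constructed for the example, and the script name and the 'path' query parameter in them are placeholders, not the plugin's real endpoint or parameter.

```python
import re
from urllib.parse import unquote

# Combined log format, request line and status only. The access log stores the
# request line as the client sent it, so encoded traversal sequences appear
# encoded here and must be decoded before matching.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) (?P<proto>HTTP/[\d.]+)" '
    r'(?P<status>\d{3}) (?P<size>\d+|-)'
)

# Directory from the remediation text; adjust if the plugin lives elsewhere.
PLUGIN_PREFIX = "/wp-content/plugins/spice-blocks/"
# Matched against the decoded target: '../' and '..\' (backslash for Windows hosts).
TRAVERSAL_RE = re.compile(r"\.\.[/\\]")

# Constructed sample log lines. 'example.php' and 'path=' are placeholders.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Jun/2025:12:00:01 +0000] "GET /wp-content/plugins/spice-blocks/example.php?path=../../../../wp-config.php HTTP/1.1" 200 3120 "-" "curl/8.5.0"',
    '203.0.113.5 - - [10/Jun/2025:12:00:02 +0000] "GET /wp-content/plugins/spice-blocks/example.php?path=..%2F..%2F..%2F..%2Fwp-config.php HTTP/1.1" 200 3120 "-" "curl/8.5.0"',
    '203.0.113.5 - - [10/Jun/2025:12:00:03 +0000] "GET /wp-content/plugins/spice-blocks/example.php?path=%252e%252e%252f%252e%252e%252fwp-config.php HTTP/1.1" 404 196 "-" "curl/8.5.0"',
    '198.51.100.7 - - [10/Jun/2025:12:00:04 +0000] "GET /wp-content/plugins/spice-blocks/assets/css/style.css HTTP/1.1" 200 8812 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Jun/2025:12:00:05 +0000] "GET /?s=../ HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]


def decode_repeatedly(value: str, max_rounds: int = 3) -> str:
    """Percent-decode until the value stops changing (catches %252e double encoding)."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def find_traversal_hits(lines):
    """Return requests to the plugin directory whose decoded target contains traversal."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        decoded = decode_repeatedly(m["target"])
        if not decoded.startswith(PLUGIN_PREFIX):
            continue
        if not TRAVERSAL_RE.search(decoded):
            continue
        hits.append({
            "ip": m["ip"],
            "ts": m["ts"],
            "status": int(m["status"]),
            "size": m["size"],
            "raw_target": m["target"],
            "decoded_target": decoded,
        })
    return hits


def likely_successful(hits):
    """Step (5): a 200 response to a traversal request is the subset to treat as a confirmed read."""
    return [h for h in hits if h["status"] == 200]


if __name__ == "__main__":
    found = find_traversal_hits(SAMPLE_LOG)
    for h in found:
        print(f"{h['ts']} {h['ip']} {h['status']} {h['size']:>6} {h['decoded_target']}")
    print(f"{len(found)} traversal attempts, {len(likely_successful(found))} answered with 200")
```

Because the filter keys on the plugin directory rather than a parameter name, it does not depend on knowing the vulnerable endpoint; it will also surface traversal attempts against other files under the plugin, which is the right bias for triage.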
EUVD-2025-17530