Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
4DescriptionCVE.org
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in spicethemes Spice Blocks allows Path Traversal. This issue affects Spice Blocks: from n/a through 2.0.7.2.
AnalysisAI
Path traversal vulnerability in Spice Blocks (a WordPress plugin by spicethemes) affecting versions through 2.0.7.2 that allows unauthenticated remote attackers to read arbitrary files from the affected server. The vulnerability has a CVSS score of 7.5 (High) with network-based attack vector, no authentication required, and high confidentiality impact, making it a significant information disclosure risk for WordPress installations using this plugin.
Technical ContextAI
This vulnerability represents a classic CWE-22 (Improper Limitation of a Pathname to a Restricted Directory) flaw in the Spice Blocks WordPress plugin. The plugin fails to properly sanitize or validate file path parameters, allowing attackers to use path traversal sequences (such as '../' or absolute paths) to navigate outside intended directories and access restricted files. WordPress plugins operate with the privileges of the WordPress installation, giving successful exploitation the ability to read sensitive files including wp-config.php (containing database credentials), .env files, private keys, and other sensitive data on the hosting environment. The vulnerability is particularly dangerous because it requires no authentication (PR:N in CVSS) and no user interaction (UI:N), meaning any unauthenticated internet user can exploit it via a simple HTTP request.
RemediationAI
Immediate actions: (1) WordPress administrators running Spice Blocks should update to a version beyond 2.0.7.2 immediately upon availability; (2) If update is not immediately available, disable or deactivate the Spice Blocks plugin until a patch is released; (3) Apply Web Application Firewall (WAF) rules blocking common path traversal patterns (../, ..\ , encoded variants) to requests targeting plugin directories. Detection: (4) Check web server logs (Apache/Nginx access logs) for requests containing '../' or similar sequences targeting the spice-blocks plugin directory (/wp-content/plugins/spice-blocks/ or similar); (5) Review any files accessed via path traversal patterns in server logs. Long-term: (6) Monitor spicethemes' official website, WordPress plugin repository, and security advisories for patch releases; (7) Once patched, update immediately to the latest stable version; (8) Consider plugin alternatives if spicethemes does not provide timely security updates.
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-17530