Product Import Export for WooCommerce < 2.5.1 – Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Read via download_file Function | CVE 2025-1769 | Plugin Vulnerabilities

Description

The Product Import Export for WooCommerce – Import Export Product CSV Suite plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.5.0 via the download_file() function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrary log files on the server, which can contain sensitive information.

Affects Plugins

product-import-export-for-woo

Fixed in 2.5.1

References

CVE

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/4df60fbe-4475-4cbf-b497-a9c5251bc91f

Classification

Type

LFI

OWASP top 10

CWE

CVSS

Miscellaneous

Original Researcher

HayMiz

Verified

No

WPVDB ID

eb9aa928-5007-4a2a-a7c7-b7a2df6033a8

Timeline

Publicly Published

2025-03-25 (about 1 year ago)

Added

2025-03-25 (about 1 year ago)

Last Updated

2025-03-26 (about 1 year ago)

Other

Published

Title

Published

2014-08-01

Title

Ajax Pagination 1.1 - wp-admin/admin-ajax.php loop Parameter Local File Inclusion

Published

2024-11-11

Title

DigiPass <= 0.3.0 - Unauthenticated Arbitrary File Download

Published

2024-04-25

Title

XStore Core <= 5.3.5 - Authenticated (Subscriber+) Limited Arbitrary File Download

Published

2024-07-09

Title

Woocommerce OpenPos < 7.0.1 - Unauthenticated Arbitrary File Deletion

Published

2025-08-14

Title

Infility Global <= 2.14.52 - Subscriber+ Arbitrary File Download