{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-15487", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2026-01-08T12:26:13.470Z", "datePublished": "2026-02-04T08:25:33.630Z", "dateUpdated": "2026-04-08T17:34:27.130Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:34:27.130Z"}, "affected": [{"vendor": "qriouslad", "product": "Code Explorer", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.4.6", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Code Explorer plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.4.6 via the 'file' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information."}], "title": "Code Explorer <= 1.4.6 - Authenticated (Administrator+) Arbitrary File Read via 'file' Parameter", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fad8ad54-56eb-40fa-a357-77b7d656d378?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/code-explorer/tags/1.4.6/admin/class-code-explorer-admin.php#L211"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "cweId": "CWE-22", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "baseScore": 4.9, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Bhumividh Treloges"}], "timeline": [{"time": "2025-12-14T00:00:00.000Z", "lang": "en", "value": "Discovered"}, {"time": "2026-02-03T19:44:36.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-04T15:17:19.875741Z", "id": "CVE-2025-15487", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-04T15:17:26.026Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-15487", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-04T15:17:19.875741Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-04T15:17:22.594Z"}}], "cna": {"title": "Code Explorer <= 1.4.6 - Authenticated (Administrator+) Arbitrary File Read via 'file' Parameter", "credits": [{"lang": "en", "type": "finder", "value": "Bhumividh Treloges"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"}}], "affected": [{"vendor": "qriouslad", "product": "Code Explorer", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "1.4.6"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-12-14T00:00:00.000+00:00", "value": "Discovered"}, {"lang": "en", "time": "2026-02-03T19:44:36.000+00:00", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fad8ad54-56eb-40fa-a357-77b7d656d378?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/code-explorer/tags/1.4.6/admin/class-code-explorer-admin.php#L211"}], "descriptions": [{"lang": "en", "value": "The Code Explorer plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.4.6 via the 'file' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-02-04T08:25:33.630Z"}}}, "cveMetadata": {"cveId": "CVE-2025-15487", "state": "PUBLISHED", "dateUpdated": "2026-02-04T15:17:26.026Z", "dateReserved": "2026-01-08T12:26:13.470Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2026-02-04T08:25:33.630Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Code Explorer plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.4.6 via the 'file' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information."}, {"lang": "es", "value": "El plugin Code Explorer para WordPress es vulnerable a salto de ruta en todas las versiones hasta la 1.4.6, inclusive, a trav\u00e9s del par\u00e1metro 'file'. Esto permite que atacantes autenticados, con acceso de nivel de Administrador o superior, lean el contenido de archivos arbitrarios en el servidor, que pueden contener informaci\u00f3n sensible."}], "id": "CVE-2025-15487", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2026-02-04T09:15:51.207", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/code-explorer/tags/1.4.6/admin/class-code-explorer-admin.php#L211"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fad8ad54-56eb-40fa-a357-77b7d656d378?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-20T20:57:49.897257+00:00", "value": {"mitigation_remediation": ["Upgrade the Code Explorer plugin to the latest version where the path\u2011traversal issue has been fixed. If no newer version is available, remove the plugin until a fix is released.", "Ensure that only trusted administrators have access to the WordPress backend; consider using role\u2011based access restrictions or stronger authentication methods.", "Review and tighten file system permissions on the server so that the web server process cannot read sensitive files outside the webroot."], "summary": {"action": "Patch", "impact": "Arbitrary File Read by authenticated administrators"}, "threat_synthesis": {"affected_systems": "qriouslad Code Explorer versions 1.0 to 1.4.6, deployed on WordPress sites.", "description_and_impact": "The Code Explorer WordPress plugin contains a path\u2011traversal flaw in the 'file' parameter that allows any authenticated user with Administrator or higher privileges to read the contents of arbitrary files on the server. This can expose sensitive data stored on the website files or system directories. The weakness is a classic path\u2011traversal error (CWE\u201122) and is confined to authorized internal users, not to unauthenticated visitors.", "risk_and_exploitability": "The CVSS score of 4.9 classifies this vulnerability as moderate in severity, and the EPSS score of less than 1\u202f% indicates that exploitation attempts are expected to be very rare. Since the flaw requires authentication as an administrator, it is unlikely to be exploited by attackers who have not already compromised accounts. The vulnerability is not listed in the CISA KEV catalog, suggesting it has not yet been widely exploited."}}}}, "created": "2026-02-04T21:18:10.083220+00:00", "updated": "2026-04-20T21:00:12.966369+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}