{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-15491", "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "state": "PUBLISHED", "assignerShortName": "WPScan", "dateReserved": "2026-01-08T18:41:43.510Z", "datePublished": "2026-02-07T06:00:06.979Z", "dateUpdated": "2026-04-02T12:39:55.775Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan", "dateUpdated": "2026-04-02T12:39:55.775Z"}, "title": "Post Slides <= 1.0.1 - Contributor+ Local File Inclusion", "problemTypes": [{"descriptions": [{"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "affected": [{"vendor": "Unknown", "product": "Post Slides", "versions": [{"status": "affected", "versionType": "semver", "version": "0", "lessThanOrEqual": "1.0.1"}], "defaultStatus": "unknown"}], "descriptions": [{"lang": "en", "value": "The Post Slides WordPress plugin through 1.0.1 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users such as with contributor or higher roles to perform LFI attacks"}], "references": [{"url": "https://wpscan.com/vulnerability/eb0424cc-e60c-44a5-aa24-cd1fe042b27a/", "tags": ["exploit", "vdb-entry", "technical-description"]}], "credits": [{"lang": "en", "value": "Khaled Alenazi (Nxploited)", "type": "finder"}, {"lang": "en", "value": "WPScan", "type": "coordinator"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "WPScan CVE Generator"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-22", "lang": "en", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-02-09T14:23:38.928386Z", "id": "CVE-2025-15491", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-09T14:23:41.869Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-15491", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-09T14:23:38.928386Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-09T14:23:17.718Z"}}], "cna": {"title": "Post Slides <= 1.0.1 - Contributor+ Local File Inclusion", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Khaled Alenazi (Nxploited)"}, {"lang": "en", "type": "coordinator", "value": "WPScan"}], "affected": [{"vendor": "Unknown", "product": "Post Slides", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.0.1"}], "defaultStatus": "unknown"}], "references": [{"url": "https://wpscan.com/vulnerability/eb0424cc-e60c-44a5-aa24-cd1fe042b27a/", "tags": ["exploit", "vdb-entry", "technical-description"]}], "x_generator": {"engine": "WPScan CVE Generator"}, "descriptions": [{"lang": "en", "value": "The Post Slides WordPress plugin through 1.0.1 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users such as with contributor or higher roles to perform LFI attacks"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan", "dateUpdated": "2026-04-02T12:39:55.775Z"}}}, "cveMetadata": {"cveId": "CVE-2025-15491", "state": "PUBLISHED", "dateUpdated": "2026-04-02T12:39:55.775Z", "dateReserved": "2026-01-08T18:41:43.510Z", "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "datePublished": "2026-02-07T06:00:06.979Z", "assignerShortName": "WPScan"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Post Slides WordPress plugin through 1.0.1 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users such as with contributor or higher roles to perform LFI attacks"}, {"lang": "es", "value": "El plugin de WordPress Post Slides hasta la versi\u00f3n 1.0.1 no valida algunos atributos de shortcode antes de usarlos para generar rutas pasadas a funciones include, lo que permite a cualquier usuario autenticado, como aquellos con roles de colaborador o superiores, realizar ataques LFI."}], "id": "CVE-2025-15491", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-02-07T06:16:04.003", "references": [{"source": "contact@wpscan.com", "url": "https://wpscan.com/vulnerability/eb0424cc-e60c-44a5-aa24-cd1fe042b27a/"}], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-28T17:45:25.092695+00:00", "value": {"mitigation_remediation": ["Update the Post Slides plugin to the newest publicly available version, if a vendor patch has been released.", "Remove any existing Post Slides shortcodes from posts and pages to eliminate the immediate attack vector.", "Restrict the use of the Post Slides plugin to administrators only until the vulnerability is patched."], "summary": {"action": "Apply Patch", "impact": "Local File Inclusion"}, "threat_synthesis": {"affected_systems": "The affected product is the Post Slides WordPress plugin version 1.0.1 or earlier. The plugin is distributed without a vendor name in the CNA data, so any site running the vulnerable version is at risk.", "description_and_impact": "The vulnerability is a local file inclusion flaw in the Post Slides WordPress plugin, caused by the plugin not validating certain shortcode attributes before using them to build file paths for include functions. This allows authenticated contributors or higher to cause the plugin to read arbitrary files on the server, exposing sensitive configuration data or credentials. The weakness falls under CWE\u201122.", "risk_and_exploitability": "The CVSS score of 5.5 denotes a moderate severity, and the EPSS score of <1% indicates a low current exploitation likelihood. The flaw can be exploited by any authenticated user with a contributor role or higher by supplying specially crafted shortcode attributes that are not validated, allowing the plugin to include arbitrary files via the include functions. While the vulnerability is not listed in the CISA KEV catalog, the fact that contributors are common in many installations means remediation should be prioritized."}}}}, "created": "2026-02-09T10:44:52.723858+00:00", "updated": "2026-04-28T18:00:14.064031+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}