{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-1565", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-02-21T17:21:55.711Z", "datePublished": "2025-04-25T09:21:41.127Z", "dateUpdated": "2026-04-08T17:18:00.600Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:18:00.600Z"}, "affected": [{"vendor": "TeconceTheme", "product": "Mayosis Core", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "5.4.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Mayosis Core plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 5.4.1 via the library/wave-audio/peaks/remote_dl.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information."}], "title": "Mayosis Core <= 5.4.1 - Unauthenticated Arbitrary File Read", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b967eb98-69f8-41c5-a19a-9d20979accb0?source=cve"}, {"url": "https://themeforest.net/item/mayosis-digital-marketplace-theme/20210200"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "cweId": "CWE-22", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 7.5, "baseSeverity": "HIGH"}}], "credits": [{"lang": "en", "type": "finder", "value": "Tonn"}], "timeline": [{"time": "2025-04-24T20:29:52.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-25T14:27:38.485531Z", "id": "CVE-2025-1565", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-25T14:27:57.070Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-1565", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-25T14:27:38.485531Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-25T14:27:51.560Z"}}], "cna": {"title": "Mayosis Core <= 5.4.1 - Unauthenticated Arbitrary File Read", "credits": [{"lang": "en", "type": "finder", "value": "Tonn"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}}], "affected": [{"vendor": "TeconceTheme", "product": "Mayosis Core", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "5.4.1"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-04-24T20:29:52.000+00:00", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b967eb98-69f8-41c5-a19a-9d20979accb0?source=cve"}, {"url": "https://themeforest.net/item/mayosis-digital-marketplace-theme/20210200"}], "descriptions": [{"lang": "en", "value": "The Mayosis Core plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 5.4.1 via the library/wave-audio/peaks/remote_dl.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2025-04-25T09:21:41.127Z"}}}, "cveMetadata": {"cveId": "CVE-2025-1565", "state": "PUBLISHED", "dateUpdated": "2025-04-25T14:27:57.070Z", "dateReserved": "2025-02-21T17:21:55.711Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-04-25T09:21:41.127Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Mayosis Core plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 5.4.1 via the library/wave-audio/peaks/remote_dl.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information."}, {"lang": "es", "value": "El complemento Mayosis Core para WordPress es vulnerable a la lectura arbitraria de archivos en todas las versiones hasta la 5.4.1 (incluida) a trav\u00e9s del archivo library/wave-audio/peaks/remote_dl.php. Esto permite que atacantes no autenticados lean el contenido de archivos arbitrarios en el servidor, que pueden contener informaci\u00f3n confidencial."}], "id": "CVE-2025-1565", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-04-25T10:15:15.557", "references": [{"source": "security@wordfence.com", "url": "https://themeforest.net/item/mayosis-digital-marketplace-theme/20210200"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b967eb98-69f8-41c5-a19a-9d20979accb0?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-20T23:07:25.963405+00:00", "value": {"mitigation_remediation": ["Update Mayosis Core to the latest release (5.4.2 or newer) to remove the vulnerable endpoint.", "If an immediate update is not possible, delete or rename the remote_dl.php file so it cannot be accessed remotely.", "Reconfigure the web server or use a firewall rule to deny HTTP and HTTPS requests to any file ending with \u2018remote_dl.php\u2019 or located under the wave\u2011audio/peaks directory."], "summary": {"action": "Patch Update", "impact": "Arbitrary File Read"}, "threat_synthesis": {"affected_systems": "The affected vendor is TeconceTheme with the Mayosis Core WordPress plugin version 5.4.1 and earlier. No additional products or versions are listed in the vendor\u2019s enumeration, so only installations of Mayosis Core at or below 5.4.1 are susceptible.", "description_and_impact": "The vulnerability in Mayosis Core allows an unauthenticated user to retrieve any file stored on the web server through the remote_dl.php endpoint. Because the plugin does not validate the requested file path, attackers can direct requests to system files, configuration files, or other sensitive data, potentially exposing credentials or secrets. This weakness, characterized as a CWE\u201122 path traversal flaw, directly compromises confidentiality by allowing eavesdropping on sensitive server contents.", "risk_and_exploitability": "The CVSS score of 7.5 places this issue in the high severity range. An EPSS score of 1% indicates that a very low, but not negligible, proportion of vulnerability scanners or exploit tools are likely to target this weakness. The issue is not currently listed in the CISA KEV catalog. Exploitation requires no special privileges or authenticated access; any internet\u2011connected user can craft a request to remote_dl.php and obtain the contents of arbitrary files, assuming no server\u2011side restrictions are in place. This local filesystem read can lead to disclosure of critical data supporting further attacks such as credential stuffing or application compromise."}}}}, "created": "2025-07-12T22:09:28.246437+00:00", "updated": "2026-04-20T23:15:06.304766+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}