{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-2840", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-03-27T00:04:13.307Z", "datePublished": "2025-03-29T07:03:29.710Z", "dateUpdated": "2026-04-08T16:48:18.685Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:48:18.685Z"}, "affected": [{"vendor": "bhuvnesh", "product": "DAP to Autoresponders Email Syncing", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The DAP to Autoresponders Email Syncing plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed file."}], "title": "DAP to Autoresponders Email Syncing <= 1.0 - Unauthenticated Information Exposure", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3ff90774-f5f6-4d9c-9565-1cff31f9bec4?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/dap-to-autoresponders-daar/trunk/infusionsoft_src/phpinfo.php#L3"}, {"url": "https://wordpress.org/plugins/dap-to-autoresponders-daar/#developers"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", "cweId": "CWE-200", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Avraham Shemesh"}], "timeline": [{"time": "2025-03-28T18:38:02.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-03-31T13:19:45.850076Z", "id": "CVE-2025-2840", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-31T13:19:54.340Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-2840", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-03-31T13:19:45.850076Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-31T13:19:49.401Z"}}], "cna": {"title": "DAP to Autoresponders Email Syncing <= 1.0 - Unauthenticated Information Exposure", "credits": [{"lang": "en", "type": "finder", "value": "Avraham Shemesh"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}}], "affected": [{"vendor": "bhuvnesh", "product": "DAP to Autoresponders Email Syncing", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "1.0"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-03-28T18:38:02.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3ff90774-f5f6-4d9c-9565-1cff31f9bec4?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/dap-to-autoresponders-daar/trunk/infusionsoft_src/phpinfo.php#L3"}, {"url": "https://wordpress.org/plugins/dap-to-autoresponders-daar/#developers"}], "descriptions": [{"lang": "en", "value": "The DAP to Autoresponders Email Syncing plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed file."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2025-03-29T07:03:29.710Z"}}}, "cveMetadata": {"cveId": "CVE-2025-2840", "state": "PUBLISHED", "dateUpdated": "2025-03-31T13:19:54.340Z", "dateReserved": "2025-03-27T00:04:13.307Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-03-29T07:03:29.710Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The DAP to Autoresponders Email Syncing plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed file."}, {"lang": "es", "value": "El complemento DAP to Autoresponders Email Syncing para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n confidencial en todas las versiones hasta la 1.0 incluida, a trav\u00e9s del script phpinfo.php, de acceso p\u00fablico. Esto permite que atacantes no autenticados accedan a informaci\u00f3n potencialmente confidencial contenida en el archivo expuesto."}], "id": "CVE-2025-2840", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-03-29T07:15:19.317", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/dap-to-autoresponders-daar/trunk/infusionsoft_src/phpinfo.php#L3"}, {"source": "security@wordfence.com", "url": "https://wordpress.org/plugins/dap-to-autoresponders-daar/#developers"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3ff90774-f5f6-4d9c-9565-1cff31f9bec4?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-21T21:35:48.837138+00:00", "value": {"mitigation_remediation": ["Update to a patched version of the DAP to Autoresponders Email Syncing plugin that removes or secures the phpinfo.php script.", "If no patch is available, delete the phpinfo.php file or place it behind authentication or firewall rules to block public access.", "Verify that all WordPress plugin files in the plugin directory are not world\u2011readable and that default permissions prevent accidental exposure."], "summary": {"action": "Apply Patch", "impact": "Sensitive Information Exposure"}, "threat_synthesis": {"affected_systems": "The vulnerability affects all releases of the DAP to Autoresponders Email Syncing plugin up to and including version 1.0, as provided by the vendor bhuvnesh. No further version information is available, so any installation using version 1.0 or earlier is potentially exposed.", "description_and_impact": "The DAP to Autoresponders Email Syncing plugin for WordPress contains a publicly accessible phpinfo.php script that reveals configuration details and other sensitive data. Because the file is reachable without authentication, an attacker can obtain server environment variables, database credentials, and other secrets, resulting in a loss of confidentiality. This weakness is classified as CWE-200.", "risk_and_exploitability": "The CVSS score of 5.3 indicates a moderate impact, but the EPSS score of < 1% suggests a very low likelihood of exploitation in the wild. The vulnerability is not listed in CISA\u2019s KEV catalog. Attackers can exploit the flaw by simply accessing the phpinfo.php file via any web browser, as the script is unauthenticated and directly served by WordPress. The attack requires no special privileges and thus poses a straightforward risk to any site hosting the affected plugin."}}}}, "created": "2026-04-21T21:45:25.842755+00:00", "updated": "2026-04-21T21:45:25.842826+00:00", "vendors": []}